2 Permanent ISO/IEC 27001 Jobs in Kent

Lead the audit / assessment of operations controls and processes against the required internal and industry standards, including but not limited to COBIT, ISO27001, NIST, PCI-DSS, Cyber Resilience Framework Develop a test strategy and produce control test plans to test the design and operational effectiveness of controls, ensuring … and deficiencies, risk exposures and adjustments to the operations risk profile to senior management and Second & Third Line of Defence, as appropriate Support control / action owners in the design of remediation action plans for identified control deficiencies Assist in establishing inherent risk ratings, control rating, and residual risk … interested in joining us at AXA, please don’t hesitate to apply. Your Profile What we’re looking for: Previous controls governance and assurance / audit experience in a large organisation Strong understanding of operational risk, control concepts and frameworks Excellent stakeholder management skills Good knowledge of industry best more »

as a trusted advisor on information security matters. Oversee, manage , and maintain the companys information security management system and associated security certifications ( currently ISO 27001 and Cyber Essentials Plus in the UK) Support internal business teams with client and 3rd party security assurance requirements. Support the … incidents reported or highlighted through internal processes and controls. Organise and support internal and external audits, vulnerability management processes, penetration testing and business continuity / disaster recovery planning. Contribute towards the annual budget and forecasting process for Infosec related items. Working across the business to ensure that compliance with … ideas and concepts and communicate this appropriately to your audience. The ability to embrace and encourage change and provide continual improvement. Implementation of and / or ongoing management of security policies and associated documentation. A pragmatic view of information security and its relationship with the wider business objectives. A more »