14 ISO/IEC 27002 (supersedes ISO/IEC 17799) Jobs

level is necessary. An understanding of compliance and regulatory frameworks such as National Cyber Security Centre (NCSC) Cyber Assessment Framework (CAF) and ISA / IEC 62443, ISO / IEC 27001 / 27002 … GDPR.Working knowledge of security technologies including SIEM, SOAR, EDR, AV, IDS / IPS, NAC, AD, DLP, Web Filtering, Email Filtering, Behavioural Analytics.Knowledge of adversarial tactics, techniques, procedures (TTPs) and industry standard frameworks (Mitre ATT&CK). Experience working within a regulated environment, preferably Energy sector Critical National Infrastructure … CNI) Desirable: Bachelor's Degree in Cybersecurity, Computer Science, Information Systems, related field or equivalent training and / or experience. Professional Information Security certification by a recognised professional body such as Certified in Information Security Management (CISM), Certified Information Systems Security Professional (CISSP), certified Ethical Hacker (CEH), Global more »

Cyber Security Consultant - Security Assurance - 2 / 3 days a week on Site (Tadley) - £65k to £80k + benefits Due to the nature of the work - holding current, high level valid UK government security clearance is highly advantageous. We are looking for experienced Cyber Security Consultant - Security / … to ensure that the client-based security teams uphold the highest standards. Whilst also acting as a group wide SME for direct queries / questions relating to Cyber Security Assurance. Typical day to day responsibilities: Management of the client's security documentation, including the creation and review of … standards for application across the organisation and within the supply chain. Alignment to industry standards and regulation, e.g. ISO / IEC 27001 / 27002 / 27005. Define as-is and to-be security standards. more »

design, installation, maintenance, upgrades, and troubleshooting of applications and tools directly impacting the InfoSec Identity service deliverables. Active Directory (AD), Azure Active Directory / Entra ID : Analyze, design, implement, and support the hybrid on-premises and cloud Active Directory environment. Collaborate with business and technical partners to integrate … maintain integrations between Entra ID and Linux-based systems. Ensure seamless authentication and authorization for Linux users. Automation of User and Device Onboarding / Offboarding : Develop and maintain scripts or workflows to automate user and device provisioning and deprovisioning. Streamline the onboarding and offboarding processes to enhance efficiency … response efforts as Incident Commander. Other duties as assigned or directed. Education, Experience, and Skills required Proven experience as a Senior Active Directory / Entra ID Engineer or similar role with a 5 to 8 years of experience. Advanced knowledge of Active Directory, Azure Active Directory / more »

current operational processes and procedures, and achieve the desired next level in capability maturity. The role is a key part of the Cyber / Information Security function. It plays a key role in the security service offered to keep our client and its customer assets safe. As a … Knowledge of the following security domains: Data Security, Logging and Monitoring, Malware Detection, Threat Detection & Incident Response, Threat Intelligence, IAM & PAM, Network Security / Perimeter Security, Email Security, Data Loss Prevention, Anti-Virus and Endpoint Protection. Experience of Control Frameworks and Industry standards such as ISO 27001 ISMS, ISO 27002, NIST CSF, NIST SP 800-53 GDPR, PCI DSS, Payment Services Directive 2 (PSD2), Cyber Essentials, CIS Benchmarks and Digital Operational Resilience Act (DORA) Experience of Metric driven Security Operations Performance tracking Experience managing a Security more »

GRC Analyst (InfoSec ISO 27001) Sunderland / WFH to £40k Are you a tech savvy GRC Analyst looking to progress your career? You could be joining a successful and growing online gaming / gambling site as they expand their European presence. As … of protecting customers and the business alike from cyber security attacks. You'll maintain and continuously improve ISO 27001 / 2 policies, standards and procedures; collaborate across teams to drive adoption and adherence to InfoSec policy and guidelines and contribute to the continuous improvement … could be other industry e.g., finance You have a good understanding of governance standards and frameworks e.g., ISO 27001 / 2, PCI-DSS, NIST, ISF, GDPR You have good commercial awareness and experience of delivery security awareness within a large scale organisation You have more »

years of practical experience in enterprise security and infrastructure. * Familiarity with enterprise information security standards: Cyber Essentials, ISO 27001, 27002, Data Protection Act, GDPR. * Proficiency in Microsoft O365 Security, Networking, Security operations, Vulnerability Management, and Security Auditing. * Strong understanding of security testing principles, including … with a copy of your CV if interested! Key Words: Information Security Analyst, Information Security Engineer, Security Analyst, Information Security, NIST, COBIT, ISO-27001, ISO-27002, Compliance, Governance, Risk, Cyber Security, SOX, Sentinel, Defender, InTune BeTechnology Group Limited is acting as an more »

investigation and resolution of security related events from various security appliances and toolsets Develop security incident response plans & procedures including Security Incident Crisis / Emergency Management Ensure integration of new security services within the monitoring and detection capability Ensure information and security data is continuously collected, correlated and … and emerging technology compliance trends Possess strong organization and time management skills Demonstrated flexibility in a fast paced and agile environment. EDUCATION AND / OR EXPERIENCE: Bachelor's degree in Business / Computer Science / Technology with IT audit or compliance experience In depth … knowledge of information security, Technology Compliance management industry frameworks and standards: NIST, OWASP, SANS, ISO-27001 / 2, SANS, and Cobit 3+ years working experience with enterprise technology compliance management programs, or Auditing experience, controls testing, conducting ITGC and PCI assessments and leading related more »

to both technical and nontechnical audiences, flexes style to suit the needs of the audience A good understanding of security frameworks including ISO27001 / 2, Cyber Essentials Plus, CIS Top 20, Data Protection Act 2018, OWASP Top 10 Have a relevant industry certification such as CISSP, CISM, CRISC more »

with 8300+ staff and 100+ sites globally. The ideal candidate should have a minimum of three years of hands-on experience in Security / Infrastructure within an enterprise environment. Requirements: Proficiency in enterprise information security standards, including Cyber Essentials, ISO 27001, 27002 more »

disaster recovery plans and capabilities, addressing any identified gaps for continuous improvement. Technical Experience: Demonstrated two years of practical experience in security and / or infrastructure within a corporate setting Familiarity with enterprise information security standards like Cyber Essentials, ISO 27001, 27002 more »

FTK and live response analysis. Furthermore, familiarity with Windows and Linux enterprise environments and systems such as Active Directory, Office 365, FWs, IPS / IDS, SIEMs, etc. is required. Excellent written and verbal communication skills are required. When not responding to breaches, you will conduct enterprise threat hunting … role, you may be required to travel, either within the country or internationally. Required Technical and Professional Expertise • Hands-on experience with hardware / software tools used in incident response, computer forensics, network security assessments, and / or application security. • Experience within incident response teams and … security related vulnerabilities, common attack vectors, and mitigations. • Familiarity with various security frameworks and standards such as ISO 27001 / 2, PCI DSS, NIST800-53, 800-171, and applicable data privacy laws and regulations. • Experience with Incident Response tabletop exercises, with a focus on more »

line with regulatory frameworks such as GDPR, FCA, and PRA. Essential skills: Familiarity with PCI-DSS, UK Financial Services regulatory requirements and ISO27001 / 2 or NIST Cyber security experience with IAM / PAM tools such as SailPoint, Okta, CyberArk, BeyondTrust or Thycotic. Understanding of IAM … authorisation, and accounting controls. Experience within directory services such as Active Directory, LDAP, and Azure AD. Desirable: Security related qualification e.g. CISSP, CISA / M, SANS GIAC. So, if you feel your skills and experience align with the prerequisites for this role. Then please get in touch and more »

the Information Security Risk management and understand the monitoring of Cloud and Web platforms Ensure business is aligned with industry Frameworks such ISO27001 / 2, NIST and ITIL ERM Framework, Risk Reporting and Monitoring Support embedding of the ERM Framework, with a focus on Technology and Change Risks. … incident management issues and request full root cause reviews Supporting operational resilience testing plans and reporting Assurance Lead and provide ‘2nd Line’ support / challenge / assurance to the relevant areas of business or functional areas of responsibility where required These may take the form of more »

Application Security Engineer Sunderland / WFH to £44k Do you have expertise with secure coding practices? You could be progressing your career, working on a modern tech stack and collaboratively problem solving within a supportive team environment at a tech driven online gaming company. As an Application Security … support application security tool deployments including dynamic scanning, code analysis and penetration testing utilising scanning features within GitHub and integrating to the CI / CD pipeline. You will use a combination of Static Application Testing (SAST), DAST and Software Composition Analysis (SCA) tooling to identify security vulnerabilities and … plan remediations. Location / WFH: There's a hybrid work from home policy with flexibility to work from home two days a week; when you're in the office you'll be collaborating with accomplished colleagues in awesome custom built offices in Sunderland with a range of facilities more »