Professional. Knowledge of UK/NATO Information Assurance standards, procedures & systems, including Government Functional Standard GovS 007: Security, HMG IS1&2, ISO27000 series standards, NIST SP800 series standards, JSP440, JSP604, guidance material provided by NCSC, CPNI and NIST. Practical experience of producing Security Accreditation documentation Practical experience of NCSC andmore »
Certified Information Systems Security Professional (CISSP) certified or relevant experience to demonstrate understanding. Extensive information security experience. Deep knowledge of Information Security frameworks (ISO27001, NIST). Experience of Cloud technologyand security. Must demonstrate awareness of current and upcoming regulatory requirements in relation to cyber and outsourcing. Ability to interact more »
/Experience: IT background with a passion for optimizing process performance to deliver business value.Understanding that technology requires effective processes Working knowledge of TOGAF, NIST, ITIL, ISO 27k, GDPR, CIFIUS is essential for this role Knowledge of Cloud technologies or a keen aptitude to learn is required Proven business acumen more »
Proficiency in designing and building secure, scalable backend services. Knowledge and experience in SSPM/CSPM, API integration, SaaS applications security, security frameworks like NISTand CIS, SIEM tools, incident/problem/change management processes. Desirable Qualifications: Bachelor's degree in Information Technology or related field Previous financial sector more »
the IT security team to ensure AI/ML systems comply with relevant regulatory requirements and industry standards, such as the EU AI Act, NIST AI RMF, the Digital Services Act, the Digital Markets Act, GDPR and ISO 27001. Work alongside incident response teams to investigate and respond to security more »
stay abreast of emerging threat, vulnerabilities and best practices in cybersecurity. What you’ve got… Demonstrable understanding of cybersecurity principles, frameworks (such as ISO27001, NIST, etc.) and best practices; including knowledge of various security technologies, threat landscape, vulnerabilities and mitigation strategies. Familiarity with regulatory and compliance requirements (such as GDPR more »
Central London, London, United Kingdom Hybrid / WFH Options
Hireful
an MSSP, in a cloud-based environment. - Knowledge of security compliance standards relevant to the SaaS industry, such as PCI, GDPR, ISO 27001, SOC2, NIST - Skills in leveraging application monitoring tools- AWS monitoring/alert tools (CloudTrail, GuardDuty), Qualys tools and SIEM experience, to detect and respond to security events more »
Industry Security Qualifications, e.g. CCP, CISSP, CISM (or able to achieve) Proven experience of assessing and managing risk in line with industry good practice (NIST, ISO 27001) Significant experience with using security baselines, mitigations and controls Engineering background and or strong familiarity with a life cycle phased approach Desirable: Experience more »
Industry Security Qualifications, eg. CCP, CISSP, CISM (or able to achieve) · Proven experience of assessing and managing risk in line with industry good practice (NIST, ISO 27001) · Experience with using security baselines, mitigations and controls · Conducted cyber security analysis work, developed threat taxonomies, security architectures, security baselines and risk mitigations. more »
Industry Security Qualifications, eg. CCP, CISSP, CISM (or able to achieve) · Proven experience of assessing and managing risk in line with industry good practice (NIST, ISO 27001) · Experience with using security baselines, mitigations and controls · Conducted cyber security analysis work, developed threat taxonomies, security architectures, security baselines and risk mitigations. more »
Industry Security Qualifications, eg. CCP, CISSP, CISM (or able to achieve) · Proven experience of assessing and managing risk in line with industry good practice (NIST, ISO 27001) · Experience with using security baselines, mitigations and controls · Conducted cyber security analysis work, developed threat taxonomies, security architectures, security baselines and risk mitigations. more »
Industry Security Qualifications, eg. CCP, CISSP, CISM (or able to achieve) · Proven experience of assessing and managing risk in line with industry good practice (NIST, ISO 27001) · Experience with using security baselines, mitigations and controls · Conducted cyber security analysis work, developed threat taxonomies, security architectures, security baselines and risk mitigations. more »
very ideal for this role. I'm looking for candidates with the following experience: Experience working with security frameworks/policies (e.g. IS1, ISO27001, NIST, Mitre, and STRIDE) Strong experience in developing Risk Management Accreditation Document Sets (RMADS). Current or former CISSP or CISM certification (or other relevant certifications more »
including experience in information security, business continuity planning, business impact assessments, crisis management and cyber security. Working knowledge and/or expertise of ISO27001, NIST, CAF or other industry standards. Knowledge and general understanding of EU Digital Operational Resilience Act (DORA) and Network and Information Security (NIS2) Directive. Knowledge ofmore »
skills and experiences: Experience as an Auditor or Implementer of ISO27001 Expert understanding of information security principles and Security Frameworks including ISO 27001 andNIST Experience in Cyber Security in relation to DEFCON 658, DEFSTAN 05-138, MOD Accreditation/Secure by Design Degree (or equivalent experience) in a relevant more »
and applications. Maintain Windows server and Unix based servers, O365 and administer MS Azure. Implement and maintain information security controls in line with ISO27001, NISTand DORA standards. Support the Bank’s VMware and Citrix virtual infrastructure. Maintain the bank’s Business Continuity and Disaster recovery plan and procedure. Lead more »
experienced Director of Information Security. This individual will have a proven track record in managing security systems and ensuring compliance with standards (ISO 27001, NIST, SOC 2). This opportunity involves working cross- functionally with supporting teams taking a strategic 360 approach to security. You must be prepared to influence more »
Newcastle upon Tyne, Tyne and Wear, Tyne & Wear, United Kingdom Hybrid / WFH Options
Hays Technology
/Cloud environment, be experienced with the security principles surrounding business acquisitions and have a nice hybrid of traditional Information Security knowledge (ISO27001, GRC, NIST, Cyber Essentials Plus etc.) alongside a technical cyber understanding enabling them to create and ensure the adherence of policies in a cloud-focused SAAS business more »
Employment Type: Permanent
Salary: £80000 - £100000/annum plus bonuses and more benefits
desirable certifications such as Business Continuity Management Certification (ISO 22301), ISO 27001, CBCI, CMCS, CISSP, or CISM. Have a foundational understanding of frameworks like NIST CSF and ISO 27001. Interested? Please submit your updated CV to Dean Parkes at Crimson for immediate consideration Not interested? Do you know someone who more »
Employment Type: Permanent
Salary: £80000 - £90000/annum Car allowance £10,000
Swindon, England, United Kingdom Hybrid / WFH Options
WHSmith
of risk management, information security and IT roles (including Audit) Knowledge gained through working with common information security management frameworks (e.g. ISO27001, Cyber Essentials, NIST, PCI DSS, SOC2) A strong knowledge of Office 365, Teams, and SharePoint Knowledge of data protection regulations and requirements Experience of PCI-DSS controls andmore »
JIRA) * Ability to identify Threat Vectors in enterprise or cloud environments and design associated security/controls. * Knowledge of Enterprise security frameworks such as NIST Cybersecurity Framework. * Knowledge of Cyber-attack phases (e.g. Cyber Kill Chain and/or Mitre Attack Framework). * Knowledge of a broad range of security more »
Reading, England, United Kingdom Hybrid / WFH Options
Areti Group
of influencing and negotiating technical outcomes with external partners, including resolving conflicts arising from changing priorities. · Familiarity with common information security management frameworks like NIST, PCI, GDPR, ISO Series, OWASP, ITIL, ISF Standardsof Good Practice (SoGP), and ISACA’s Control Objectives for Information and related Technology (COBIT) frameworks. Areti more »
best practice Good working knowledge of vulnerability management . Desirable Skills and Experience: Experience with security testing tools. Knowledge of formal standards such as NIST, NCFC, and CIS. Experience in specifying and implementing 3rd party SOC. If you are a cyber security professional with the skills and experience to drive more »
and TOGAF to align security requirements with business requirements. Familiarity with Control Frameworks like ISO 27001 and CoBIT for determining technical controls. Understanding ofNIST-based Zero Trust Standards. Proven experience in establishing Zero Trust-based architecture for key use cases (Identity-Driven ZTA, Micro-segmentation based ZTA). Experience more »
also require skills in the likes of SIEM and familiar with the likes of DAST & SAST testing. Finally, strong knowledge of frameworks like ISO & NIST is required. Any experience of the OT/IoT sector would be very welcome too. If you're interested in Cloud Security, Security Engineering, Offensive more »