Our client is looking for a Cyber Security Assurance Specialist who will be responsible for ensuring that the organisation's systems, applications, processes adhere to internal security standards, industry best practices and regulatory compliance requirements.
Key Responsibilities and Accountabilities:
Assess security vulnerabilities to protect the organisation and mitigate risk to protect data and assets.
Conduct security assessments, vulnerability assessments and audits of internal and our partner's external systems to evaluate risk, alignment and compliance with security policies, standards and frameworks (ISO 27001, NIST, CIS and internal policies etc.)
Identify and analyse and prioritise cyber risk, develop risk mitigation strategies and ensure their implementation.
Ensure compliance with all regulatory requirements (GDPR etc.) and internal and external partner security policies. Develop and update information security policies and procedures as require.
Support of incident response investigating and remediating incidents. Provide post-incident reviews and make suggestions for improvements to CIO.
Conduct security assessments of vendors, partners and third parties to ensure alignment.
Assist in development of cyber security training and awareness programmes for employees ensuring alignment with the latest threats and security practices.
Monitor emerging security threats and trends, ensuring security measures and strategies are continuously updated to reflect the latest in cyber security risks and best practices.
Collaborate closely with internal teams as well as those of our external partners to integrate and align security measures and compliance and challenge when required.
Ad hoc duties as required.Essential Skills and Knowledge:
Degree in Computer Science, Information Security or related field (or equivalent experience)
Relevant certifications (CISSP, CISM, CISA, ISO27001 etc.)
Demonstrable experience within a cyber security, security assurance role or related fields gained within a regulated environment (ideally insurance).
Experience in conducting security risk assessments and audits.
Strong understanding of regulatory compliance requirements including GDPR, SOX etc.)Technical Skills
Familiarity with vulnerability management tools
Knowledge of Firewalls, Intrusion Detection Systems and Network Security Protocols
Understanding of cloud security and related compliance requirements
Experience with security incident management and investigations.Soft Skills
Excellent written and verbal communication skills with the ability to explain complex security issues to non-technical business stakeholders.
Ability to build relationships with internal and external stakeholders and business partners working collaboratively.
Strong analytical and problem-solving skills
Ability to work independently and within a team.
Attention to detail and ability to prioritise tasks.
What we offer:
Pension contribution 5% or more by employee, 10% employer
28 Days Annual Leave
Death in Service 4 x Salary
Sick Pay
Private Medical Insurance GWV Talent Solutions Limited trading as Vermelo RPO acts as an employment agency for permanent recruitment and an employment business for the supply of temporary and contract workers. By applying for this job you accept the terms of our Privacy Policy and Terms of Service Agreement which can be found at (url removed)
The latest news, articles, and resources, sent to your inbox weekly.
We have several opportunities to join our growing Cyber Security & Assurance Information Branch within Nuclear Services. EDF Nuclear Services is a specialised technical area that supports every stage of nuclear projects like Hinkley Point C (HPC) and Sizewell C (SZC), as well as our existing power stations and decommissioning...
EDF Gloucester
Description& SummaryA career within Financial Markets Business Advisory services, will provide you with the opportunity to contribute to a variety of audit, regulatory, valuation, and financial analyses services to design solutions that address our clients’ complex accounting and financial reporting challenges, as well as their broader business issues.Who we are...
PwC Saint-Helier
What you’ll doOur TeamThe Technology Strategy Team is responsible for managing the Technology Strategy lifecycle across the whole of technology for the Vodafone Technology organization. This means our team supports (and is supported by) all technology functions, Networks, Digital & IT, Commercial and Vodafone Business products, platforms and solutions, Cyber...
Vodafone London
Job SpecificationSecurity Assurance Support CoordinatorAt Carbon60, the emphasis on fostering both personal and professional development is unparalleled. From comprehensive training programmes to mentorship from industry leaders, there's a genuine commitment to helping our employees excel. Working here means being part of a team that celebrates innovation and encourages continuous learning.We...
Portsmouth
Job summaryOur international multidisciplinary engineering, science and technology consultancy client offering services in the defence and security sector is growing their Cyber Security team.Key skills required for this roleCyber Security, Governance, Risk and Compliance, GRC, Information Assurance, Secure by Design, ISO27000, NIST, CISSP, CISMImportantCandidates must be able to attain security...
Matchtech Bristol
Job descriptionConnect to your IndustryDeloitte Technology works at the forefront of technology development and processes to support and protect Deloitte around the world. In this truly global environment, we operate not in "what is" but rather "what can be" to help Deloitte deliver and connect with its clients, its communities,...
Deloitte LLP Cardiff
