20 ISO/IEC 27002 (supersedes ISO/IEC 17799) Jobs

clinicians to develop and implement exciting data analysis projects to personalise the treatment of patients. For more information on the programme see https: / / bartslifesciences.org / The successful candidate will have: Extensive experience of working with cloud services ideally within the NHS, academia … responsibilities of the role, and the person specification outlines the qualifications, skills, experience, and knowledge required. For both documents, please view the attachment / s below. Person Specification Experience Essential Substantial experience in leading the analysis of different complex technical / architectural solutions (e.g., cost, time … users undertaking difficult data analysis tasks. Experience in adapting or formulating new technical strategies and policies for a service and using their persuasion / negotiation skills to change these through the relevant governance structures and communicating these changes to users. Experience in taking technical leadership around delivering a more »

level is necessary. An understanding of compliance and regulatory frameworks such as National Cyber Security Centre (NCSC) Cyber Assessment Framework (CAF) and ISA / IEC 62443, ISO / IEC 27001 / 27002 … GDPR.Working knowledge of security technologies including SIEM, SOAR, EDR, AV, IDS / IPS, NAC, AD, DLP, Web Filtering, Email Filtering, Behavioural Analytics.Knowledge of adversarial tactics, techniques, procedures (TTPs) and industry standard frameworks (Mitre ATT&CK). Experience working within a regulated environment, preferably Energy sector Critical National Infrastructure … CNI) Desirable: Bachelor's Degree in Cybersecurity, Computer Science, Information Systems, related field or equivalent training and / or experience. Professional Information Security certification by a recognised professional body such as Certified in Information Security Management (CISM), Certified Information Systems Security Professional (CISSP), certified Ethical Hacker (CEH), Global more »

some experience in assurance testing techniques and methodologies. Bachelor's Degree in Cybersecurity, Computer Science, Information Systems, related field or equivalent training and / or experience. Professional Information Security certification by a recognised professional body such as Certified in Information Security Management (CISM), Certified Information Systems Security Professional … come first. An understanding of compliance and regulatory frameworks such as the National Cyber Security Centre (NCSC) Cyber Assessment Framework (CAF) and ISA / IEC 62443, ISO / IEC 27001 / 27002 … and GDPR. Working knowledge of security technologies including SIEM, SOAR, EDR, AV, IDS / IPS, NAC, AD, DLP, Web Filtering, Email Filtering, Behavioural Analytics. Knowledge of adversarial tactics, techniques, procedures (TTPs) and industry standard frameworks (Mitre ATT&CK). Experience working within a regulated environment, preferably Energy sector more »

Cyber Security Consultant - Security Assurance - 2 / 3 days a week on Site (Tadley) - £65k to £80k + benefits Due to the nature of the work - holding current, high level valid UK government security clearance is highly advantageous. We are looking for experienced Cyber Security Consultant - Security / … to ensure that the client-based security teams uphold the highest standards. Whilst also acting as a group wide SME for direct queries / questions relating to Cyber Security Assurance. Typical day to day responsibilities: Management of the client's security documentation, including the creation and review of … standards for application across the organisation and within the supply chain. Alignment to industry standards and regulation, e.g. ISO / IEC 27001 / 27002 / 27005. Define as-is and to-be security standards. more »

design, installation, maintenance, upgrades, and troubleshooting of applications and tools directly impacting the InfoSec Identity service deliverables. Active Directory (AD), Azure Active Directory / Entra ID : Analyze, design, implement, and support the hybrid on-premises and cloud Active Directory environment. Collaborate with business and technical partners to integrate … maintain integrations between Entra ID and Linux-based systems. Ensure seamless authentication and authorization for Linux users. Automation of User and Device Onboarding / Offboarding : Develop and maintain scripts or workflows to automate user and device provisioning and deprovisioning. Streamline the onboarding and offboarding processes to enhance efficiency … response efforts as Incident Commander. Other duties as assigned or directed. Education, Experience, and Skills required Proven experience as a Senior Active Directory / Entra ID Engineer or similar role with a 5 to 8 years of experience. Advanced knowledge of Active Directory, Azure Active Directory / more »

Network +, CompTIA Security +, CISM, CISSP or COBIT 5) Baseline knowledge of resilience frameworks (NIST CSF, ISO 27001 / 27002 and COBIT) For more information, please apply more »

Security +, CISM, CISSP, or COBIT 5. Demonstrate a fundamental understanding of frameworks such as NIST CSF, ISO 27001 / 27002, and COBIT. Experience in Operational Technology Security, with the ability to identify and address IT and operational vulnerabilities, is preferred. Interested more »

Security +, CISM, CISSP, or COBIT 5. -Demonstrate a fundamental understanding of frameworks such as NIST CSF, ISO 27001 / 27002, and COBIT. -Experience in Operational Technology Security, with the ability to identify and address IT and operational vulnerabilities, is preferred. Interested more »

years of practical experience in enterprise security and infrastructure. * Familiarity with enterprise information security standards: Cyber Essentials, ISO 27001, 27002, Data Protection Act, GDPR. * Proficiency in Microsoft O365 Security, Networking, Security operations, Vulnerability Management, and Security Auditing. * Strong understanding of security testing principles, including … with a copy of your CV if interested! Key Words: Information Security Analyst, Information Security Engineer, Security Analyst, Information Security, NIST, COBIT, ISO-27001, ISO-27002, Compliance, Governance, Risk, Cyber Security, SOX, Sentinel, Defender, InTune BeTechnology Group Limited is acting as an more »

to both technical and nontechnical audiences, flexes style to suit the needs of the audience A good understanding of security frameworks including ISO27001 / 2, Cyber Essentials Plus, CIS Top 20, Data Protection Act 2018, OWASP Top 10 Have a relevant industry certification such as CISSP, CISM, CRISC more »

with 8300+ staff and 100+ sites globally. The ideal candidate should have a minimum of three years of hands-on experience in Security / Infrastructure within an enterprise environment. Requirements: Proficiency in enterprise information security standards, including Cyber Essentials, ISO 27001, 27002 more »

disaster recovery plans and capabilities, addressing any identified gaps for continuous improvement. Technical Experience: Demonstrated two years of practical experience in security and / or infrastructure within a corporate setting Familiarity with enterprise information security standards like Cyber Essentials, ISO 27001, 27002 more »

Technology Risk Manager Up to £75,000 + Package London, United Kingdom (Hybrid Working) Gresham Hunt are currently seeking an experienced tech / cloud risk professional for a leading financial services client to join growing their Groupwide Technology Risk team in London. You will be tasked with ensuring … candidate will have: Extensive experience within Risk Management within the Financial Services industry. Experience in IT and Cloud controls testing is essential. Knowledge / experience with major cloud service providers, preferably AWS. Knowledge of various industry frameworks and controls such as ITIL, NIST, COBIT, ISO 27001 / 2. A broad, high-level IT or Cybersecurity background with exposure to areas such as cloud security, security architecture, IT infrastructure and security governance would be beneficial. Hold relevant industry certifications such as CCSP, CCSK, GCSA, CRISC Excellent communication skills with the more »

candidate will have: Extensive experience within Risk Management within the Financial Services industry. Experience in IT and Cloud controls testing is essential. Knowledge / experience with major cloud service providers, preferably AWS. Knowledge of various industry frameworks and controls such as ITIL, NIST, COBIT, ISO 27001 / 2. A broad, high-level IT or Cybersecurity background with exposure to areas such as cloud security, security architecture, IT infrastructure and security governance would be beneficial. Hold relevant industry certifications such as CCSP, CCSK, GCSA, CRISC Excellent communication skills with the more »

line with regulatory frameworks such as GDPR, FCA, and PRA. Essential skills: Familiarity with PCI-DSS, UK Financial Services regulatory requirements and ISO27001 / 2 or NIST Cyber security experience with IAM / PAM tools such as SailPoint, Okta, CyberArk, BeyondTrust or Thycotic. Understanding of IAM … authorisation, and accounting controls. Experience within directory services such as Active Directory, LDAP, and Azure AD. Desirable: Security related qualification e.g. CISSP, CISA / M, SANS GIAC. So, if you feel your skills and experience align with the prerequisites for this role. Then please get in touch and more »

the Information Security Risk management and understand the monitoring of Cloud and Web platforms Ensure business is aligned with industry Frameworks such ISO27001 / 2, NIST and ITIL ERM Framework, Risk Reporting and Monitoring Support embedding of the ERM Framework, with a focus on Technology and Change Risks. … incident management issues and request full root cause reviews Supporting operational resilience testing plans and reporting Assurance Lead and provide ‘2nd Line’ support / challenge / assurance to the relevant areas of business or functional areas of responsibility where required These may take the form of more »

Application Security Engineer Sunderland / WFH to £44k Do you have expertise with secure coding practices? You could be progressing your career, working on a modern tech stack and collaboratively problem solving within a supportive team environment at a tech driven online gaming company. As an Application Security … support application security tool deployments including dynamic scanning, code analysis and penetration testing utilising scanning features within GitHub and integrating to the CI / CD pipeline. You will use a combination of Static Application Testing (SAST), DAST and Software Composition Analysis (SCA) tooling to identify security vulnerabilities and … plan remediations. Location / WFH: There's a hybrid work from home policy with flexibility to work from home two days a week; when you're in the office you'll be collaborating with accomplished colleagues in awesome custom built offices in Sunderland with a range of facilities more »

Application Security Engineer Sunderland / WFH to £44k Do you have expertise with secure coding practices? You could be progressing your career, working on a modern tech stack and collaboratively problem solving within a supportive team environment at a tech driven online gaming company. As an Application Security … support application security tool deployments including dynamic scanning, code analysis and penetration testing utilising scanning features within GitHub and integrating to the CI / CD pipeline. You will use a combination of Static Application Testing (SAST), DAST and Software Composition Analysis (SCA) tooling to identify security vulnerabilities and … plan remediations. Location / WFH: There's a hybrid work from home policy with flexibility to work from home two days a week; when you're in the office you'll be collaborating with accomplished colleagues in awesome custom built offices in Sunderland with a range of facilities more »

Application Security Engineer Sunderland / WFH to £44k Do you have expertise with secure coding practices? You could be progressing your career, working on a modern tech stack and collaboratively problem solving within a supportive team environment at a tech driven online gaming company. As an Application Security … support application security tool deployments including dynamic scanning, code analysis and penetration testing utilising scanning features within GitHub and integrating to the CI / CD pipeline. You will use a combination of Static Application Testing (SAST), DAST and Software Composition Analysis (SCA) tooling to identify security vulnerabilities and … plan remediations. Location / WFH: There's a hybrid work from home policy with flexibility to work from home two days a week; when you're in the office you'll be collaborating with accomplished colleagues in awesome custom built offices in Sunderland with a range of facilities more »

their customers financially better off. This is a brand new role for the business and it plays a key part in the Cyber / Information Security function. You will drive and enhance their current operational processes and contribute across Security Assurance, Threat Detection, Risk Management, CPSM & Threat Intelligence. … Skills required: Control Frameworks & Industry Standards (ISO27001, 27002, GDPR, NIST) Security Operations Performance Tracking Data Security, Malware Detection, Threat & Incident response For the right person this is a huge opportunity - considering the sustained growth that they're going through, this role has a dotted line to management or more »