Cambridge, Cambridgeshire, East Anglia, United Kingdom Hybrid / WFH Options
GMSL
ISMS as we move forward on our journey to IS0 27001 compliance. Company Overview GMSL is the market-leading provider of 24 / 7 energy portfolio management services and software in Europe and plays a vital role in the energy business. We have unparalleled expertise in the … world and is developed using our unique operations experience, giving us clear insight into our customers needs. For more background on GMSL see https: // www.gmsl.co.uk. Reporting to the Information Security Manager, this newly created role is an exciting opportunity for an experienced ISMS Controller to join … settings, including preparation for audit. 3+ years of experience in information security or a related field. Demonstrable understanding of information security principles, frameworks, specifically ISO27001, and best practices including knowledge of various security technologies, threat landscape, vulnerabilities and mitigation strategies. Understanding of the terms and definitions used in the ISOmore »
and Compliance (GRC): Develop and implement information security policies, procedures, and standards aligned with industry best practices. Ensure compliance with relevant regulations, including ISO27001, ISO 9001 and GDPR. Engaging with key company stakeholders, assessing and actively managing risk through effective mitigation strategies. 5. … ISO27001 & ISO 9001 Compliance: Lead ISO27001 & ISO 9001 compliance activities. Maintain our integrated management systems for information security and quality management. Monitor and audit controls to ensure ongoing compliance. Qualifications Proven experience in information security management. … Strong knowledge of information security frameworks and regulations such as, ISO27001, NIST 800 series, NERC-CIP, NIS and GDPR requirements. Knowledge and experience of quality management systems, especially in an ISO 9001 certified environment. Desirable Qualifications Degree in Information Security, Computer Science, or more »
. This role can also offer blended working after probationary period (6 months) - 3 days in the office and 2 remote Close Date: 23 / 06 / 2024 We also provide the following additional benefits Personal Pension Plan – Personal contribution rates of 4% or 5% (UK Power Networks … Information Security Management System Support: Operate and maintain the information security management system and artefacts, in compliance with ISO27001/ 27002 including the governance forum agenda and minutes. Policies and Standards: develop GRC policies, standards and procedures to monitor UKPN information security controls, exceptions … We ask that you have a detailed knowledge and practical expertise in at least 3 of the following specialist areas: - Specific Industry Standards IS / IT Operational Controls and Governance Business Continuity Planning and Disaster Recovery Supply Chain and 3rd Party Risk Management You will have problem solving skills more »
day information security compliance e.g. Malware Protection, Security Incidents, Intrusion Detection Systems, Patch management compliance etc. Other duties include; Conceptualise and implement an ISO27001:2013 and GDPR compliant management system. Manage the IT Security workstream of initiatives, in order to improve information security within the … team, conduct internal audits of the business functions with the criteria being: the Arcus management system, industry practice, applicable standards and legislation, and ISO27001:2013. Build and maintain strong relationships with internal personnel and relevant certification, registration and regulatory bodies. Create and lead the ongoing … CISM) qualification is desirable. ISO27001:2013 or ISO 9001:2015 internal audit qualification is desirable. PRINCE2 Foundation / Practitioner is desirable. Knowledge of ISO 9001:2015 is desirable. Benefits of Working at Arcus: Salary: £58,000 - £ 63,000 Up to more »
with some experience in assurance testing techniques and methodologies. Bachelor's Degree in Cybersecurity, Computer Science, Information Systems, related field or equivalent training and / or experience. Professional Information Security certification by a recognised professional body such as Certified in Information Security Management (CISM), Certified Information Systems Security Professional … always come first. An understanding of compliance and regulatory frameworks such as the National Cyber Security Centre (NCSC) Cyber Assessment Framework (CAF) and ISA /IEC 62443, ISO/IEC27001/ 27002, and GDPR. Working knowledge of security … technologies including SIEM, SOAR, EDR, AV, IDS / IPS, NAC, AD, DLP, Web Filtering, Email Filtering, Behavioural Analytics. Knowledge of adversarial tactics, techniques, procedures (TTPs) and industry standard frameworks (Mitre ATT&CK). Experience working within a regulated environment, preferably Energy sector Critical National Infrastructure (CNI more »
Leeds, West Yorkshire, Yorkshire, United Kingdom Hybrid / WFH Options
StepChange Debt Charity
whilst working closely with Technology Services colleagues to implement procedural and technical aspects of Security Operations which includes liaison and engagement with the MSSP / SOC Your role In this role you will play a key role in implementing, optimising & maintaining the network & server, along with data storage infrastructure … may contribute to improved, and cost effective service provision About you You will ideally have a sound infrastructure experience of the following AWS and / or Azure / VMware ESX / Vsphere / Active Directory / Load Balancing / IP Telephony and contact centre … in infrastructure but with a sound understanding of security (anti-virus, firewalls, access control etc) and ideally bring knowledge of Cyber Essentials Plus and ISO27001// CIS / NIST Your benefits If flexible working is important to you, then look no further! At Stepchange we are more »
security framework, including: Security Architecture policies, principles, and standards for application across the organisation. Alignment to industry standards and regulation e.g. ISO/IEC27001/ 27002 / 27005. Security specific patterns, models, and blueprints. Define as-is and to-be more »
security framework, including: Security Architecture policies, principles, and standards for application across the organisation. Alignment to industry standards and regulation e.g. ISO/IEC27001/ 27002 / 27005. Security specific patterns, models, and blueprints. Define as-is and to-be more »
security framework, including: Security Architecture policies, principles, and standards for application across the organisation. Alignment to industry standards and regulation e.g. ISO/IEC27001/ 27002 / 27005. Security specific patterns, models, and blueprints. Define as-is and to-be more »
shape and really make a difference to this exciting and meaningful program. Training and development will be invested in such as certifications in ISA /IEC 62443 & GICSP, autonomy will be huge to the role & part of a collaborative growing team of OT professionals. A few core … audits on client computer systems and network devices, particularly focusing on the nuances of Operational Technology testing. Key skills: Experience with serving critical infrastructure / industrial control systems (ICS) to include SCADA HCI systems, PLCs, RTUs, etc.). Experience completing system assessments and security audits based on technical security … frameworks such as NIST 800-53 / 800-82, ISO27001, IEC 62433, HSE OG-86, NIS-D etc. Experience designing & configuring secure networks (Switching, Routing, Firewalls). Some insightful information for you: The company will invest in your personal development through external more »
shape and really make a difference to this exciting and meaningful program. Training and development will be invested in such as certifications in ISA /IEC 62443 & GICSP, autonomy will be huge to the role & part of a collaborative growing team of OT professionals. A few core … audits on client computer systems and network devices, particularly focusing on the nuances of Operational Technology testing. Key skills: Experience with serving critical infrastructure / industrial control systems (ICS) to include SCADA HCI systems, PLCs, RTUs, etc.). Experience completing system assessments and security audits based on technical security … frameworks such as NIST 800-53 / 800-82, ISO27001, IEC 62433, HSE OG-86, NIS-D etc. Experience designing & configuring secure networks (Switching, Routing, Firewalls). Some insightful information for you: The company will invest in your personal development through external more »
background in information security, risk management, and compliance, as well as a minimum of 3 years experience in designing and delivering client-facing ISO27001 related Information Security consultancy, DPIAs and other Data Protection related services.Develop a Virtual Information Security Advisor serviceDeveloping and ISO27001 Implementation programmeManaging the existing Internal Audits Managed Service offeringYou will be responsible for carrying out Data Protection Impact Assessments for existing clients, and managing a dedicated Data Protection advisor (yet to be hired).Deliver DPIA’s for clientsYou will help clients design and implement a … DPIA questionnaires and processesPerforming DPIAsDesigning and implementing Performing Supplier due diligence processes.Oversee our organisation’s information security management system (ISMS) in accordance with ISO27001 standardsConduct risk assessments, manage the company Risk Register and Risk Treatment Plan, and oversee the programme of in-house and customer more »
desire to grow and develop the functions of the role. Roles and Responsibilities You will be expected to manage & own elements of Technical Publications / Authoring work / tasks and conform to challenging project timelines. Liaise with product suppliers to compile data and information and translate to a … variety of national / international / civil / military specifications and produce physical / electronic deliverables reflecting quality processes to a high standard of written and technical English compliant with Def Stan's and JSP's. Commission, coordinate or prepare illustrations and occasionally technical training packages … the business and align your colleagues to this activity Focus on continuous improvement - working with the engineering and production leadership teams to improve efficiency / quality during build. Experience Previous experience as a Technical Author or similar within an engineering function, preferably within the defence industry Extracting information from more »
Glasgow, Lanarkshire, Scotland, United Kingdom Hybrid / WFH Options
3173 Group
Based from Glasgow / Belfast / Manchester or Remote based on circumstance Founded in 2000, 3173 has a number of serviced offices spread across the UK, with offices in Belfast, Glasgow, London, Manchester, Birmingham, Bristol and Leeds. 3173 has several different companies within the group, including Dalriada Trustees … all Stakeholders in order to assess the suitability and resilience of our Key Suppliers. Contribute to the monitoring of an effective Business Continuity Plan / Disaster recovery plan by working with Stakeholders to update the plan and to ensure the plan is tested at least annually. Contribute to the … Required for the Role A strong quality management background obtained from significant and relevant experience in a similar role. Competence and experience in implementing / assessing / monitoring ISO management standards, ISO 9001:2015 and or ISO 27001. Experience in auditing and more »
AWS / Security / DevSecOps / Control Tower / IAM / CI / CD pipeline Are you an enthusiastic security specialist in AWS? A top-tier DevSecOps Engineer? Are you eager to take charge of the technical direction for one of the most rapidly … services and features, including IAM, VPC, EC2, S3, RDS, Lambda, and CloudFormation Strong understanding of security best practices, principles, and frameworks, such as ISO27001 controls and NIST Guidelines Experience in implementing security automation using scripting languages e.g. Python and infrastructure-as-code (IaC) tools Ability more »
Manchester, North West, United Kingdom Hybrid / WFH Options
3173 Group
Based from Glasgow / Belfast / Manchester or Remote based on circumstance Founded in 2000, 3173 has a number of serviced offices spread across the UK, with offices in Belfast, Glasgow, London, Manchester, Birmingham, Bristol and Leeds. 3173 has several different companies within the group, including Dalriada Trustees … all Stakeholders in order to assess the suitability and resilience of our Key Suppliers. Contribute to the monitoring of an effective Business Continuity Plan / Disaster recovery plan by working with Stakeholders to update the plan and to ensure the plan is tested at least annually. Contribute to the … Required for the Role A strong quality management background obtained from significant and relevant experience in a similar role. Competence and experience in implementing / assessing / monitoring ISO management standards, ISO 9001:2015 and or ISO 27001. Experience in auditing and more »
Manchester, Greater Manchester, United Kingdom Hybrid / WFH Options
Coalfire
Manchester, UKAssessment Services – AppDev / Finance / B2B / Regular Full Time / RemoteAbout CoalfireCoalfire is on a mission to make the world a safer place by solving our clients’ toughest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and … against regulatory and industry requirements and standards, and against security best practice frameworks. You will have a strong understanding of framework requirements, perform audit / assessments, and develop reports for clients. You will also provide quality control and peer review to other members of the delivery staff. This role … integrity and effectiveness of security measures. You will test technical controls, policies and procedures, laws, regulations, and industry best practices.What You'll DoLead audits / assessments including audit plan preparation, review of documentation and evidence, evaluation of procedures, and client interviews. Prepare, review and approve assessment reports. Manage priorities more »
Manchester, North West, United Kingdom Hybrid / WFH Options
Smart DCC
secure solutions What are we looking for? Broad understanding of technology and security controls Experience in supporting security control frameworks, such as NIST and ISO27001/ 2. Experience of ISO27001/ ISMS implementation or audit is highly desirable. Recognised industry qualification (CISSP, CISM, CEH, CISA) Preferable Able to … translate Information Security and IT risk language into business language. Risk Management methodologies, frameworks, and standards (ISO27001, ISO31000, ITIL, COBIT) Able to build and maintain relationships and influence key stakeholders across the business. A creative and analytical mind with good stakeholder interfacing and excellent communications more »
Leatherhead, England, United Kingdom Hybrid / WFH Options
Zest
Security Steering Committee where appropriate. Security Audits and Certifications: Coordinate regular internal and external audits and address any issues raised to maintain certifications (currently ISO27001 and Cyber Essentials Plus), which are essential in demonstrating our commitment to information security to our clients. Security Training: Deliver information security awareness training for … following qualifications SaaS Experience: 3 years+ working for SaaS provider (B2B or B2B2C), where you routinely interacted with product, engineering and commercial teams. ISO27001 Implementation: 3 years+ in an information security role with direct responsibility for implementing and maintaining an ISO27001 … comprehensive range of flexible benefits Normal Working Hours 37.5 per week Location: Leatherhead House, Station Road, Leatherhead, Surrey KT22 7FG Hybrid role with office / home working split. more »
Manchester, North West, United Kingdom Hybrid / WFH Options
Eviden Technology Services Limited
solutions, and RFP documents Required skills and experience: Experience working as a Cyber security technical architect with proven experience working in commercial, public and / or industrial sectors Solid grasp of information security requirements and capabilities across different industries A depth of information technology and information security experience Experience … in design and deployment of several of the following technologies: Endpoint, network and infrastructure threat protection Cloud Security within Azure and / or AWS IAM Identity Access Management SIEM and MDR VA Vulnerability Analysis and mitigation DLP Data loss prevention PKI Public key infrastructure Ability to guide engineering teams … certification (e.g., MCSE, CCDP, CCIE, RHCA, etc.) Knowledge and understanding of UK government protective marking standards; industry standards, including PCI-DSS, ISO/IEC27001, etc. Awareness of common exploits and vulnerabilities and how these may be prevented Strong network engineering and server more »
Sheffield, South Yorkshire, Yorkshire, United Kingdom Hybrid / WFH Options
Eviden Technology Services Limited
solutions, and RFP documents Required skills and experience: Experience working as a Cyber security technical architect with proven experience working in commercial, public and / or industrial sectors Solid grasp of information security requirements and capabilities across different industries A depth of information technology and information security experience Experience … in design and deployment of several of the following technologies: Endpoint, network and infrastructure threat protection Cloud Security within Azure and / or AWS IAM Identity Access Management SIEM and MDR VA Vulnerability Analysis and mitigation DLP Data loss prevention PKI Public key infrastructure Ability to guide engineering teams … certification (e.g., MCSE, CCDP, CCIE, RHCA, etc.) Knowledge and understanding of UK government protective marking standards; industry standards, including PCI-DSS, ISO/IEC27001, etc. Awareness of common exploits and vulnerabilities and how these may be prevented Strong network engineering and server more »
Birmingham, West Midlands, United Kingdom Hybrid / WFH Options
Eviden Technology Services Limited
solutions, and RFP documents Required skills and experience: Experience working as a Cyber security technical architect with proven experience working in commercial, public and / or industrial sectors Solid grasp of information security requirements and capabilities across different industries A depth of information technology and information security experience Experience … in design and deployment of several of the following technologies: Endpoint, network and infrastructure threat protection Cloud Security within Azure and / or AWS IAM Identity Access Management SIEM and MDR VA Vulnerability Analysis and mitigation DLP Data loss prevention PKI Public key infrastructure Ability to guide engineering teams … certification (e.g., MCSE, CCDP, CCIE, RHCA, etc.) Knowledge and understanding of UK government protective marking standards; industry standards, including PCI-DSS, ISO/IEC27001, etc. Awareness of common exploits and vulnerabilities and how these may be prevented Strong network engineering and server more »
Solihull, West Midlands, United Kingdom Hybrid / WFH Options
Amtis Professional Ltd
Information Security Manager – Solihull - £69,000 DOE - Hybrid working ISO:27001, Governance Risk, Compliance, Appreciating of security technologies, Cyber Essentials, CISM, CISSP Working for a well know organization based in Solihull we are looking for an Information Security Manager to to join a company with a … have the ability to help shape a security function and grow a position with autonomy. This will help develop your knowledge in an ISO:27001 compliant environment that boasts some of the best technology in the industry with a leading and continually growing brand. General Summary … Skills and Experience Appreciation of security technologies and vendors. Knowledge of Information Security standards, legislation and practices, including GDPR & Data Protection Act 2018, ISO:27001 etc Experience in dealing with a wide range of Information Security matters and operating in an ITIL based environment. Strong problem more »
Glasgow, Lanarkshire, Scotland, United Kingdom Hybrid / WFH Options
Sanderson Recruitment
through our risk management framework and ensuring key risks are reported to the CISO. Performing regular internal security audits aligned to ISO/IEC27001 and SOC2 controls. Developing our security awareness training programme aligned with internal security policies. Comfortable engaging with customers … NCSC CAF), supporting processes and toolsets. Ability to breakdown and solve complex problems across multiple domains and successfully lead the recovery of major and / or complex security incidents. Knowledge and experience of threat hunting and problem-solving through reviewing logs and identifying anomalous activities (Desirable). For any more »
an outsourced IT Service environment is desirable. Understanding of how to certify and comply with the international standards for information security - ISO/IEC27001 Strong communication skills, networking and stakeholder management skills Must be able to work proactively and on own initiative. more »