GRC Analyst (InfoSec ISO 27001) Sunderland / WFH to £40k Are you a tech savvy GRC Analyst looking to progress your career? You could be joining a successful and growing online gaming / gambling site as they expand their European presence. As a GRC Analyst you will help to build on the existing technology group governance, risk and compliance capabilities as part of the wider Information Security programme with the ultimate aim of protecting customers and the business alike from cyber security attacks. You'll maintain and continuously improve ISO 27001 / 2 policies, standards and procedures; collaborate across teams to drive adoption and adherence to InfoSec policy and guidelines and contribute to the continuous improvement and tactical strategic roadmaps to ensure that all technology platforms meet compliance. There are a broad range of responsibilities and challenges, you'll be collaborating in advisory role where you'll build expertise. WFH Policy: There's a hybrid work from home policy with 2-3 days a week; when you're in the office you'll be collaborating with accomplished colleagues in awesome custom built offices in Sunderland with a range of facilities and perks including three, free meals a days at the onsite restaurant as well as membership at onsite gym. Requirements: You have experience of analysing security and technical compliance requirements, including performing risk assessments and designing risk treatment plans You have a strong knowledge of security and technology compliance regulations, ideally within betting although could be other industry e.g., finance You have a good understanding of governance standards and frameworks e.g., ISO 27001 / 2, PCI-DSS, NIST, ISF, GDPR You have good commercial awareness and experience of delivery security awareness within a large scale organisation You have excellent communication, collaboration and stakeholder engagement skills Salary & benefits: As a GRC Analyst you will earn a competitive salary (to £40k) plus benefits including: Bonus Pension Private medical care And a range of other perks and benefits Apply now to find out more about this GRC Analyst opportunity. At Client Server we believe in a diverse workplace that allows people to play to their strengths and continually learn. We're an equal opportunities employer whose people come from all walks of life and will never discriminate based on race, colour, religion, sex, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. The clients we work with share our values.
Apr 16, 2024
Full time
GRC Analyst (InfoSec ISO 27001) Sunderland / WFH to £40k Are you a tech savvy GRC Analyst looking to progress your career? You could be joining a successful and growing online gaming / gambling site as they expand their European presence. As a GRC Analyst you will help to build on the existing technology group governance, risk and compliance capabilities as part of the wider Information Security programme with the ultimate aim of protecting customers and the business alike from cyber security attacks. You'll maintain and continuously improve ISO 27001 / 2 policies, standards and procedures; collaborate across teams to drive adoption and adherence to InfoSec policy and guidelines and contribute to the continuous improvement and tactical strategic roadmaps to ensure that all technology platforms meet compliance. There are a broad range of responsibilities and challenges, you'll be collaborating in advisory role where you'll build expertise. WFH Policy: There's a hybrid work from home policy with 2-3 days a week; when you're in the office you'll be collaborating with accomplished colleagues in awesome custom built offices in Sunderland with a range of facilities and perks including three, free meals a days at the onsite restaurant as well as membership at onsite gym. Requirements: You have experience of analysing security and technical compliance requirements, including performing risk assessments and designing risk treatment plans You have a strong knowledge of security and technology compliance regulations, ideally within betting although could be other industry e.g., finance You have a good understanding of governance standards and frameworks e.g., ISO 27001 / 2, PCI-DSS, NIST, ISF, GDPR You have good commercial awareness and experience of delivery security awareness within a large scale organisation You have excellent communication, collaboration and stakeholder engagement skills Salary & benefits: As a GRC Analyst you will earn a competitive salary (to £40k) plus benefits including: Bonus Pension Private medical care And a range of other perks and benefits Apply now to find out more about this GRC Analyst opportunity. At Client Server we believe in a diverse workplace that allows people to play to their strengths and continually learn. We're an equal opportunities employer whose people come from all walks of life and will never discriminate based on race, colour, religion, sex, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. The clients we work with share our values.
.A highly regarded and successful Bristol institution is seeking a meticulous Information Security Analyst as part of a wider restructure of their Cyber Security function. In a role offering hybrid working (requirement of only 2 days per week on site), this role suits a Cyber Security professional who is passionate about the development and implementation of controls, and is passionate about their own career development. A short summary of the duties involved includes, and is not limited to: Establish and maintain internal guidelines for information security, ensuring alignment with industry standards and regulations. Conduct regular reviews of policies to ensure compliance and offer support on security matters. Assist with the Information Security Awareness For Everyone (SAFE) initiative. Evaluate internal controls through reviews, produce compliance reports, and develop action plans. Coordinate with auditors for assessments and oversee risk registers. Collaborate with stakeholders to implement security controls for critical systems. Assess and monitor third-party security using established criteria. Schedule routine security assessments. Work with internal teams to implement preventive measures based on incident findings. Maintain accurate compliance records and provide reports to relevant parties. Support the improvement of the Information Security Management System (ISMS) and stay abreast of industry developments. Requirements: Demonstrated expertise in conducting evaluations of IT/Cyber security controls. At least four years of relevant experience in IT, information security, or program management roles, with a focus on Governance, Risk, and Compliance (GRC) initiatives preferred. Diverse analytical skills gained from involvement in various IT and/or business projects. Proficiency in solution management, encompassing requirements analysis, solution proposal, progress monitoring, and benefits assessment. Familiarity with Information security frameworks and adherence to compliance standards such as ISO27001, Cyber Essentials Plus, NIST, SOC2, and PCI-DSS.
Apr 16, 2024
Full time
.A highly regarded and successful Bristol institution is seeking a meticulous Information Security Analyst as part of a wider restructure of their Cyber Security function. In a role offering hybrid working (requirement of only 2 days per week on site), this role suits a Cyber Security professional who is passionate about the development and implementation of controls, and is passionate about their own career development. A short summary of the duties involved includes, and is not limited to: Establish and maintain internal guidelines for information security, ensuring alignment with industry standards and regulations. Conduct regular reviews of policies to ensure compliance and offer support on security matters. Assist with the Information Security Awareness For Everyone (SAFE) initiative. Evaluate internal controls through reviews, produce compliance reports, and develop action plans. Coordinate with auditors for assessments and oversee risk registers. Collaborate with stakeholders to implement security controls for critical systems. Assess and monitor third-party security using established criteria. Schedule routine security assessments. Work with internal teams to implement preventive measures based on incident findings. Maintain accurate compliance records and provide reports to relevant parties. Support the improvement of the Information Security Management System (ISMS) and stay abreast of industry developments. Requirements: Demonstrated expertise in conducting evaluations of IT/Cyber security controls. At least four years of relevant experience in IT, information security, or program management roles, with a focus on Governance, Risk, and Compliance (GRC) initiatives preferred. Diverse analytical skills gained from involvement in various IT and/or business projects. Proficiency in solution management, encompassing requirements analysis, solution proposal, progress monitoring, and benefits assessment. Familiarity with Information security frameworks and adherence to compliance standards such as ISO27001, Cyber Essentials Plus, NIST, SOC2, and PCI-DSS.
I nformation Security Analyst (GRC) Are you passionate about driving information security to new heights?We are seeking an Information Security Analyst (GRC) to join a leading law firm in London. In this role, you will implement crucial information security tasks, supporting the Head of Information Security (CISO) navigating two key streams in the organisational structure: Policy & Compliance and Operations. The role offers hybrid working, 3 days a week in the London office. Roles and Responsibilities: Assess vendor security aligned with ISO27001, NIST, CIS, and Cyber Essentials. Manage policy updates, risk tracking, and certification programs. Maintain information security tools and reporting activities. Support internal and external audits. Collaborate for tests, vulnerability uncovering, and audit trail. Drive security-by-design and incident management. Qualifications and Experience: CISA, ISO/IEC 27001 Lead Auditor, or Implementer qualification. Experience in Audit, Risk programs coordination. CISSP, CISM, CISA or ISO certifications advantageous. Strong background in information security and risk. Proficiency in network testing, firewalls, SIEM, etc. Ability to mitigate vulnerabilities, manage patches. GRC experience in Infrastructure or Audit roles. If you are ready to elevate your career in Information Security with a dynamic and forward-thinking firm, we invite you to click 'apply' now.
Apr 15, 2024
Full time
I nformation Security Analyst (GRC) Are you passionate about driving information security to new heights?We are seeking an Information Security Analyst (GRC) to join a leading law firm in London. In this role, you will implement crucial information security tasks, supporting the Head of Information Security (CISO) navigating two key streams in the organisational structure: Policy & Compliance and Operations. The role offers hybrid working, 3 days a week in the London office. Roles and Responsibilities: Assess vendor security aligned with ISO27001, NIST, CIS, and Cyber Essentials. Manage policy updates, risk tracking, and certification programs. Maintain information security tools and reporting activities. Support internal and external audits. Collaborate for tests, vulnerability uncovering, and audit trail. Drive security-by-design and incident management. Qualifications and Experience: CISA, ISO/IEC 27001 Lead Auditor, or Implementer qualification. Experience in Audit, Risk programs coordination. CISSP, CISM, CISA or ISO certifications advantageous. Strong background in information security and risk. Proficiency in network testing, firewalls, SIEM, etc. Ability to mitigate vulnerabilities, manage patches. GRC experience in Infrastructure or Audit roles. If you are ready to elevate your career in Information Security with a dynamic and forward-thinking firm, we invite you to click 'apply' now.
The Associate Due Diligence Analyst position requires a highly diligent and analytic individual with a keen interest in information security. It is a fully remote role, reporting to the Senior Analyst Client Details The company is a medium sized global business, they are now expanding their 3rd party Due Diligence team. Description Conduct thorough assessments of third-party vendor's information security policies, procedures, and controls. Evaluate vendor's security controls against industry standards Analyse vendor security questionnaires and documentation to assess risk and compliance with contractual security requirements. Collaborate closely with internal stakeholders, including Legal, Procurement, and IT, to ensure alignment on vendor security requirements and risk mitigation strategies. Prepare detailed reports and recommendations based on assessment findings to support decision-making and vendor management processes. Monitor and track remediation efforts for identified security issues and follow up with vendors as needed to ensure timely resolution. Profile Around 1 year experience in either one of Due Diligence, 3rd Party Assurance, QA, IT GRC or IT Audit Good analytic and evaluation skills With formal training in Information / IT assessment and evaluation Job Offer Remote working arrangement with comprehensive benefits
Apr 11, 2024
Full time
The Associate Due Diligence Analyst position requires a highly diligent and analytic individual with a keen interest in information security. It is a fully remote role, reporting to the Senior Analyst Client Details The company is a medium sized global business, they are now expanding their 3rd party Due Diligence team. Description Conduct thorough assessments of third-party vendor's information security policies, procedures, and controls. Evaluate vendor's security controls against industry standards Analyse vendor security questionnaires and documentation to assess risk and compliance with contractual security requirements. Collaborate closely with internal stakeholders, including Legal, Procurement, and IT, to ensure alignment on vendor security requirements and risk mitigation strategies. Prepare detailed reports and recommendations based on assessment findings to support decision-making and vendor management processes. Monitor and track remediation efforts for identified security issues and follow up with vendors as needed to ensure timely resolution. Profile Around 1 year experience in either one of Due Diligence, 3rd Party Assurance, QA, IT GRC or IT Audit Good analytic and evaluation skills With formal training in Information / IT assessment and evaluation Job Offer Remote working arrangement with comprehensive benefits
Role : ServiceNow GRC Architect Location: London The company: Wipro is an exciting organisation to work for. We ranked as a "Top Employer" as part of the Top Employer Institute annual listings. We were assessed on several key HR practices including Diversity and Inclusion. This is accompanied by exciting business growth in the last six-quarters. The Role: As a ServiceNow Technical Lead / Solution Architect operating across the enterprise within the capability team, you will be responsible for leading scoping, design, development, and implementation activities across client projects to deliver world class ServiceNow-based solutions. You must analyse new business requirements and their correct technical implementation solutions using industry best practices. You will work closely with client engagement leads, ServiceNow architects, connected service teams, project managers, business analysts, developers, and testers to guide the design through to implementation and beyond whilst ensuring company risk and quality standards are adhered to. Responsibilities: Lead the technical delivery of projects based on the ServiceNow platform: • Define technical solutions (at an architectural and design level of detail) • Provide technical leadership and mentoring to junior architects and offshore development teams • Deliver compelling solution demonstrations across the ServiceNow platform • Design and deliver technical integrations between ServiceNow, client IT and business services • Hands-on experience in the new UI ServiceNow has brought into the platform, like, Workspace, Generative AI, MS Office integration, Self Service Portal etc. • Good experience in integrating ServiceNow platform apps with external systems like SAP, Workday, Coupa, or any other GRC tools like Archer, and MetricStream. • Assist development teams in resolving complex technical issues through all stages of the project lifecycle. • The continuous growth of knowledge around the ServiceNow platform through certifications, internal/external webinars, case studies, training, community, and other resources. • Ability to establish deep and lasting relationships with clients and team members to enhance the reputation of the company as an advisor of choice • Support the ServiceNow presales opportunity lifecycle • Build constructive, working relationships with companies' global network of ServiceNow resources • Contribute to the development of companies ServiceNow product roadmap. • Ensure the project delivery team complies with companies' solution architecture standards and frameworks • Operate as a member of the wider company's community, sharing knowledge across functions and building your network within the firm. Required Skills & Experience: • Proven experience in consulting / professional services and technical delivery. • A proven track record of delivering complex technology projects on the ServiceNow platform on time and budget as a Solution Architect. • Experience in leading offshore development teams and working with engagement leads, project managers and business analysts to deliver enterprise wide ServiceNow solutions. • Certified ServiceNow System Administrator. • Certified Implementation Specialist in at least 1 product suite ( Risk and Compliance, SecOps , HRSD). • Certified in ITIL Foundation (v3 or v4). • Strong expertise in scripting on the ServiceNow platform using JavaScript, CSS, and Angular JS: Flows, Business Rules, Client Scripts, UI Actions, Widgets and UI Pages. • Deep understanding of the key technologies relevant to the ServiceNow integration solutions including Integration Hub, SSO, Web Services, LDAP, JDBC, etc. • Experience with delivering solutions in complex client environments. • Understanding of common business analysis techniques and approaches. • Experience with agile and traditional software and project methodologies. • Able to communicate with impact, in a way that is open, honest, consistent, and clear to influence and align stakeholders around a proposed approach. • Strong negotiator, influencer, and team player, used to managing multiple stakeholders in demanding time-critical situations. • Strong drive and resilience to overcome challenges or setbacks to achieve your team/project/client goals. • Passionate about areas of expertise, managing your development by learning continuously from experience and seeking out development opportunities. Benefits: You will receive a competitive salary, a generous benefits package, training, and development, as well as an exciting career within a fast paced and dynamic business. The benefits include; Contributory pension Extra holiday purchase Life insurance policy Private medical insurance Equal Opportunities: Wipro is an advocate for positive change and conscious inclusion. As a global employer, we strive to create a diverse Wipro family by remaining committed to the development of our culture, diversity, equality, and inclusion in the workplace. All applicants welcome. GRC Consulting
Apr 10, 2024
Full time
Role : ServiceNow GRC Architect Location: London The company: Wipro is an exciting organisation to work for. We ranked as a "Top Employer" as part of the Top Employer Institute annual listings. We were assessed on several key HR practices including Diversity and Inclusion. This is accompanied by exciting business growth in the last six-quarters. The Role: As a ServiceNow Technical Lead / Solution Architect operating across the enterprise within the capability team, you will be responsible for leading scoping, design, development, and implementation activities across client projects to deliver world class ServiceNow-based solutions. You must analyse new business requirements and their correct technical implementation solutions using industry best practices. You will work closely with client engagement leads, ServiceNow architects, connected service teams, project managers, business analysts, developers, and testers to guide the design through to implementation and beyond whilst ensuring company risk and quality standards are adhered to. Responsibilities: Lead the technical delivery of projects based on the ServiceNow platform: • Define technical solutions (at an architectural and design level of detail) • Provide technical leadership and mentoring to junior architects and offshore development teams • Deliver compelling solution demonstrations across the ServiceNow platform • Design and deliver technical integrations between ServiceNow, client IT and business services • Hands-on experience in the new UI ServiceNow has brought into the platform, like, Workspace, Generative AI, MS Office integration, Self Service Portal etc. • Good experience in integrating ServiceNow platform apps with external systems like SAP, Workday, Coupa, or any other GRC tools like Archer, and MetricStream. • Assist development teams in resolving complex technical issues through all stages of the project lifecycle. • The continuous growth of knowledge around the ServiceNow platform through certifications, internal/external webinars, case studies, training, community, and other resources. • Ability to establish deep and lasting relationships with clients and team members to enhance the reputation of the company as an advisor of choice • Support the ServiceNow presales opportunity lifecycle • Build constructive, working relationships with companies' global network of ServiceNow resources • Contribute to the development of companies ServiceNow product roadmap. • Ensure the project delivery team complies with companies' solution architecture standards and frameworks • Operate as a member of the wider company's community, sharing knowledge across functions and building your network within the firm. Required Skills & Experience: • Proven experience in consulting / professional services and technical delivery. • A proven track record of delivering complex technology projects on the ServiceNow platform on time and budget as a Solution Architect. • Experience in leading offshore development teams and working with engagement leads, project managers and business analysts to deliver enterprise wide ServiceNow solutions. • Certified ServiceNow System Administrator. • Certified Implementation Specialist in at least 1 product suite ( Risk and Compliance, SecOps , HRSD). • Certified in ITIL Foundation (v3 or v4). • Strong expertise in scripting on the ServiceNow platform using JavaScript, CSS, and Angular JS: Flows, Business Rules, Client Scripts, UI Actions, Widgets and UI Pages. • Deep understanding of the key technologies relevant to the ServiceNow integration solutions including Integration Hub, SSO, Web Services, LDAP, JDBC, etc. • Experience with delivering solutions in complex client environments. • Understanding of common business analysis techniques and approaches. • Experience with agile and traditional software and project methodologies. • Able to communicate with impact, in a way that is open, honest, consistent, and clear to influence and align stakeholders around a proposed approach. • Strong negotiator, influencer, and team player, used to managing multiple stakeholders in demanding time-critical situations. • Strong drive and resilience to overcome challenges or setbacks to achieve your team/project/client goals. • Passionate about areas of expertise, managing your development by learning continuously from experience and seeking out development opportunities. Benefits: You will receive a competitive salary, a generous benefits package, training, and development, as well as an exciting career within a fast paced and dynamic business. The benefits include; Contributory pension Extra holiday purchase Life insurance policy Private medical insurance Equal Opportunities: Wipro is an advocate for positive change and conscious inclusion. As a global employer, we strive to create a diverse Wipro family by remaining committed to the development of our culture, diversity, equality, and inclusion in the workplace. All applicants welcome. GRC Consulting
.A highly regarded and successful Bristol institution is seeking a meticulous Information Security Analyst as part of a wider restructure of their Cyber Security function.In a role offering hybrid working (requirement of only 2 days per week on site), this role suits a Cyber Security professional who is passionate about the development and implementation of controls, and is passionate about their own career development.A short summary of the duties involved includes, and is not limited to: Establish and maintain internal guidelines for information security, ensuring alignment with industry standards and regulations. Conduct regular reviews of policies to ensure compliance and offer support on security matters. Assist with the Information Security Awareness For Everyone (SAFE) initiative. Evaluate internal controls through reviews, produce compliance reports, and develop action plans. Coordinate with auditors for assessments and oversee risk registers. Collaborate with stakeholders to implement security controls for critical systems. Assess and monitor third-party security using established criteria. Schedule routine security assessments. Work with internal teams to implement preventive measures based on incident findings. Maintain accurate compliance records and provide reports to relevant parties. Support the improvement of the Information Security Management System (ISMS) and stay abreast of industry developments. Requirements: Demonstrated expertise in conducting evaluations of IT/Cyber security controls. At least four years of relevant experience in IT, information security, or program management roles, with a focus on Governance, Risk, and Compliance (GRC) initiatives preferred. Diverse analytical skills gained from involvement in various IT and/or business projects. Proficiency in solution management, encompassing requirements analysis, solution proposal, progress monitoring, and benefits assessment. Familiarity with Information security frameworks and adherence to compliance standards such as ISO27001, Cyber Essentials Plus, NIST, SOC2, and PCI-DSS.
Apr 08, 2024
Full time
.A highly regarded and successful Bristol institution is seeking a meticulous Information Security Analyst as part of a wider restructure of their Cyber Security function.In a role offering hybrid working (requirement of only 2 days per week on site), this role suits a Cyber Security professional who is passionate about the development and implementation of controls, and is passionate about their own career development.A short summary of the duties involved includes, and is not limited to: Establish and maintain internal guidelines for information security, ensuring alignment with industry standards and regulations. Conduct regular reviews of policies to ensure compliance and offer support on security matters. Assist with the Information Security Awareness For Everyone (SAFE) initiative. Evaluate internal controls through reviews, produce compliance reports, and develop action plans. Coordinate with auditors for assessments and oversee risk registers. Collaborate with stakeholders to implement security controls for critical systems. Assess and monitor third-party security using established criteria. Schedule routine security assessments. Work with internal teams to implement preventive measures based on incident findings. Maintain accurate compliance records and provide reports to relevant parties. Support the improvement of the Information Security Management System (ISMS) and stay abreast of industry developments. Requirements: Demonstrated expertise in conducting evaluations of IT/Cyber security controls. At least four years of relevant experience in IT, information security, or program management roles, with a focus on Governance, Risk, and Compliance (GRC) initiatives preferred. Diverse analytical skills gained from involvement in various IT and/or business projects. Proficiency in solution management, encompassing requirements analysis, solution proposal, progress monitoring, and benefits assessment. Familiarity with Information security frameworks and adherence to compliance standards such as ISO27001, Cyber Essentials Plus, NIST, SOC2, and PCI-DSS.
Job Title: Governance, Risk, Compliance (GRC) Information Security Analyst Salary: Up to £85,000 + Great bonus and benefits package Hybrid Model: 2 days per week in Central London, 3 days remote Office Location: Liverpool Street area About the Client and the Role: My client, a highly prestigious, globally renowned name in financial services is seeking an experienced GRC Analyst to provide analysis of existing and constantly progressing security systems. Responsibilities and Areas of Focus: BAU activities supporting GRC and Information Security Driving risk capture, analysis and reporting Audit oversight ie understanding audit scope and controls being assessed, the resulting Findings and overseeing remediation effort. Detailed auditing and documentation of security projects Analysis and reporting of information security Managing complex data sets and creating detailed reports Presenting/Reporting to key stakeholders (both written and verbal) Risk management frameworks and assessing technology risk. Candidate Experience/Knowledge: Professional background in Information Security Analysis Experience in financial environments Outstanding communication skills (verbal & written) Experience with stakeholders Demonstrable experience auditing and documenting complex information security projects Experience working with Regulatory bodies eg FCA, BoE Knowledge of technology within a financial/trading environment
Aug 17, 2023
Full time
Job Title: Governance, Risk, Compliance (GRC) Information Security Analyst Salary: Up to £85,000 + Great bonus and benefits package Hybrid Model: 2 days per week in Central London, 3 days remote Office Location: Liverpool Street area About the Client and the Role: My client, a highly prestigious, globally renowned name in financial services is seeking an experienced GRC Analyst to provide analysis of existing and constantly progressing security systems. Responsibilities and Areas of Focus: BAU activities supporting GRC and Information Security Driving risk capture, analysis and reporting Audit oversight ie understanding audit scope and controls being assessed, the resulting Findings and overseeing remediation effort. Detailed auditing and documentation of security projects Analysis and reporting of information security Managing complex data sets and creating detailed reports Presenting/Reporting to key stakeholders (both written and verbal) Risk management frameworks and assessing technology risk. Candidate Experience/Knowledge: Professional background in Information Security Analysis Experience in financial environments Outstanding communication skills (verbal & written) Experience with stakeholders Demonstrable experience auditing and documenting complex information security projects Experience working with Regulatory bodies eg FCA, BoE Knowledge of technology within a financial/trading environment
Senior Information Security Analyst (ISO27001/GRC) The successful candidate will report to the Information Security Manager and will work with the business and the wider information security team to ensure the appropriate controls, policies and procedures are in place to protect the information of the organisation in-line with internal information security principles (ie ISO27001 and CE+) as well as regulatory legislation. Responsibilities: - Develop and implement information security policies, standards and documentation ensuring compliance with all applicable legal or regulatory legislation - Work as an Information Security Auditor to define, maintain and implement an audit framework and schedule in compliance with security polices and standards - Maintain certification to ISO27001 and Cyber Essentials Plus against a backdrop of evolving regulations, technology and processes - Maintain the cyber incident management process and develop the appropriate document repositories, policy documents, operational schedules and processes Required Skills/Experience: - Experience of operating in a similar role within the framework of and adhering to requirements of ISO27001 and Cyber Essentials Plus or similar standards - Experience in preparing documentation and guidance for others - Experience of aligning technology solutions with best practice and IT security policies and guidelines - Experience in related supplier management, with vendors and resellers - Knowledge of Azure, encryption key management and cloud-based services such as M365 Senior Information Security Analyst (ISO27001/GRC) In accordance with the Employment Agencies and Employment Businesses Regulations 2003, this position is advertised based upon DGH Recruitment Limited having first sought approval of its client to find candidates for this position. DGH Recruitment Limited acts as both an Employment Agency and Employment Business
Feb 03, 2022
Full time
Senior Information Security Analyst (ISO27001/GRC) The successful candidate will report to the Information Security Manager and will work with the business and the wider information security team to ensure the appropriate controls, policies and procedures are in place to protect the information of the organisation in-line with internal information security principles (ie ISO27001 and CE+) as well as regulatory legislation. Responsibilities: - Develop and implement information security policies, standards and documentation ensuring compliance with all applicable legal or regulatory legislation - Work as an Information Security Auditor to define, maintain and implement an audit framework and schedule in compliance with security polices and standards - Maintain certification to ISO27001 and Cyber Essentials Plus against a backdrop of evolving regulations, technology and processes - Maintain the cyber incident management process and develop the appropriate document repositories, policy documents, operational schedules and processes Required Skills/Experience: - Experience of operating in a similar role within the framework of and adhering to requirements of ISO27001 and Cyber Essentials Plus or similar standards - Experience in preparing documentation and guidance for others - Experience of aligning technology solutions with best practice and IT security policies and guidelines - Experience in related supplier management, with vendors and resellers - Knowledge of Azure, encryption key management and cloud-based services such as M365 Senior Information Security Analyst (ISO27001/GRC) In accordance with the Employment Agencies and Employment Businesses Regulations 2003, this position is advertised based upon DGH Recruitment Limited having first sought approval of its client to find candidates for this position. DGH Recruitment Limited acts as both an Employment Agency and Employment Business
Title: Security Metrics and Data Reporting Analyst Rate 569.29 Per Day, Via Umbrella, Inside IR35 Location: Brentford Number of Position: 2 LOA: Initially 6 months We are currently seeking a Security Metrics and Data Reporting Analyst to join our Cyber Risk Assurance Team. Security Metrics and Data Reporting Analyst will be responsible for implementing Power BI tools and developing techniques along with integration of GRC Tools for measuring and reporting technical performance metrics as well developing and running reports on regular schedules. Other responsibilities include maintaining of performance metrics, collecting, validating, interpreting, and organizing various types of data into meaningful reports and/or summaries for designated audiences.
Jan 10, 2022
Contractor
Title: Security Metrics and Data Reporting Analyst Rate 569.29 Per Day, Via Umbrella, Inside IR35 Location: Brentford Number of Position: 2 LOA: Initially 6 months We are currently seeking a Security Metrics and Data Reporting Analyst to join our Cyber Risk Assurance Team. Security Metrics and Data Reporting Analyst will be responsible for implementing Power BI tools and developing techniques along with integration of GRC Tools for measuring and reporting technical performance metrics as well developing and running reports on regular schedules. Other responsibilities include maintaining of performance metrics, collecting, validating, interpreting, and organizing various types of data into meaningful reports and/or summaries for designated audiences.
SAP Security Analyst Salary- circa £45,000 depending upon skills and experience? Location: Lincoln / Huntingdon Permanent - full time (37 hours per week) Anglian water uses SAP as its core central ERP system. It holds critical data relating to finance, assets, customers and business processes. It is the heart of our IT business landscape and underpins the business operations. Protecting this data from fraud, cyber-attack and misuse is a top priority for the business. The availability and integrity of information is vital to our water operations, as well as our customer and support services.? What will you be doing?? The purpose of this role is to ensure that the risk of fraud and misuse of data held in SAP is minimised and is managed appropriately through the design, build and provisioning of appropriate access that fully meets the needs of our customers. You will work with outsourced IT specialists, project teams and AW business managers to?analyse & understand the risks associated?with their area of the business then design and develop SAP Security authorisation concepts based on SAP best practice and business policies. Review project/change documents. Analyse & understand the risks associated with application security exposures and provide solutions to eliminate or reduce these exposures.?Ensure projects deliver solutions that will fit into the business-as-usual process without adding more risk? Liaise with?internal/external?auditors?to provide necessary information during audits.? This role would also be expected to work on the continuous improvement of SAP security support processes. Key responsibilities include:? Perform a review all access requests to identify risks and feed back to the training team scheduler or requestors when these requests will give users risks that are not currently controlled Ensure correct approvals are provided before access is provisioned and ensure these are kept as evidence for internal and external auditors on the User Provisioning Process. Provide expert advice to SAP training team, business managers and projects around SAP Security user provisioning processes to ensure that security risks are reduced. Provisioning SAP access for business users after completion of training Provide least risk access to our 3rd party partners to ensure risks are kept to a minimum, working with them to provide the correct access for projects and system refreshes etc Administrator for all the SAP systems in Anglian Water's landscape, ensuring that the correct access is provided according to the system and the data contained in each Responsible for the CUA (Central User Administrator) system, this system enables efficient account creation and password resets to all the connected SAP systems . What do you need? Experience in a similar role is preferred Experience of ECC 6, SAP Gateway, Fiori, S4 Hana, Portals, CUA, GRC SAP ADM900 - SAP System Security Fundamentals SAP ADM920 - SAP Identity Management SAP ADM940 - AS ABAP - Authorisation Concept SAPEPE - Fundamentals' (Portal) WCHGRC Overview SAP GRC Ideally would have experience of the following technology:? Service Now?or other on-line service desk systems? Microsoft applications?Excel, Word?or?Access databases? With the above experience in line with our Company Behaviours, we'll need you to 'Build Trust' with those you will work with, 'Do the Right Thing'. What benefits do we offer?? Being a successful water company doesn't come easy! Our people are important to us and we want to make sure that we reward and recognise?all of?the great work that they do. Some of our benefits include:? Bonus scheme? Private health care? Competitive pension scheme? 26 days annual leave rising with length of service? Flexible benefits to support your wellbeing? Flexible working (dependent on your role)? Plus?lots more!? We are passionate and committed to the learning and development of our people making sure they have the right skills and knowledge to be successful and to help achieve their potential. We also take Health and Safety very seriously in everything that we do.? If you are offered a job with us, you'll be subject to the relevant/standard employment checks, including: your right to work in the UK, reference, driving licence and identity check. Depending on your role, you may also be subject to further pre-employment checks.? Working Location The challenges of the pandemic have allowed us to accelerate our AMP7 plans to adopt a more agile workforce. We recognise that work has become a thing we do, rather than a place we go so we're open to remote working as part of the team so don't feel this is a barrier to applying. That said, we'd like you to be comfortable in travelling into our main campus sites at either Lincoln or Huntingdon on occasion.? Closing date: 27/10/2021
Nov 04, 2021
Full time
SAP Security Analyst Salary- circa £45,000 depending upon skills and experience? Location: Lincoln / Huntingdon Permanent - full time (37 hours per week) Anglian water uses SAP as its core central ERP system. It holds critical data relating to finance, assets, customers and business processes. It is the heart of our IT business landscape and underpins the business operations. Protecting this data from fraud, cyber-attack and misuse is a top priority for the business. The availability and integrity of information is vital to our water operations, as well as our customer and support services.? What will you be doing?? The purpose of this role is to ensure that the risk of fraud and misuse of data held in SAP is minimised and is managed appropriately through the design, build and provisioning of appropriate access that fully meets the needs of our customers. You will work with outsourced IT specialists, project teams and AW business managers to?analyse & understand the risks associated?with their area of the business then design and develop SAP Security authorisation concepts based on SAP best practice and business policies. Review project/change documents. Analyse & understand the risks associated with application security exposures and provide solutions to eliminate or reduce these exposures.?Ensure projects deliver solutions that will fit into the business-as-usual process without adding more risk? Liaise with?internal/external?auditors?to provide necessary information during audits.? This role would also be expected to work on the continuous improvement of SAP security support processes. Key responsibilities include:? Perform a review all access requests to identify risks and feed back to the training team scheduler or requestors when these requests will give users risks that are not currently controlled Ensure correct approvals are provided before access is provisioned and ensure these are kept as evidence for internal and external auditors on the User Provisioning Process. Provide expert advice to SAP training team, business managers and projects around SAP Security user provisioning processes to ensure that security risks are reduced. Provisioning SAP access for business users after completion of training Provide least risk access to our 3rd party partners to ensure risks are kept to a minimum, working with them to provide the correct access for projects and system refreshes etc Administrator for all the SAP systems in Anglian Water's landscape, ensuring that the correct access is provided according to the system and the data contained in each Responsible for the CUA (Central User Administrator) system, this system enables efficient account creation and password resets to all the connected SAP systems . What do you need? Experience in a similar role is preferred Experience of ECC 6, SAP Gateway, Fiori, S4 Hana, Portals, CUA, GRC SAP ADM900 - SAP System Security Fundamentals SAP ADM920 - SAP Identity Management SAP ADM940 - AS ABAP - Authorisation Concept SAPEPE - Fundamentals' (Portal) WCHGRC Overview SAP GRC Ideally would have experience of the following technology:? Service Now?or other on-line service desk systems? Microsoft applications?Excel, Word?or?Access databases? With the above experience in line with our Company Behaviours, we'll need you to 'Build Trust' with those you will work with, 'Do the Right Thing'. What benefits do we offer?? Being a successful water company doesn't come easy! Our people are important to us and we want to make sure that we reward and recognise?all of?the great work that they do. Some of our benefits include:? Bonus scheme? Private health care? Competitive pension scheme? 26 days annual leave rising with length of service? Flexible benefits to support your wellbeing? Flexible working (dependent on your role)? Plus?lots more!? We are passionate and committed to the learning and development of our people making sure they have the right skills and knowledge to be successful and to help achieve their potential. We also take Health and Safety very seriously in everything that we do.? If you are offered a job with us, you'll be subject to the relevant/standard employment checks, including: your right to work in the UK, reference, driving licence and identity check. Depending on your role, you may also be subject to further pre-employment checks.? Working Location The challenges of the pandemic have allowed us to accelerate our AMP7 plans to adopt a more agile workforce. We recognise that work has become a thing we do, rather than a place we go so we're open to remote working as part of the team so don't feel this is a barrier to applying. That said, we'd like you to be comfortable in travelling into our main campus sites at either Lincoln or Huntingdon on occasion.? Closing date: 27/10/2021
Security Analyst required to work for a Government department. This is an initial 12-month contract, paying £560 a day, inside IR35, hybrid working with at least 2 days a week in the London based office. Key Responsibilities: *Advice and support Business Managers, Senior Risk Owners and the Executive Team within Digital to ensure effective security risk measures are in place on delivery. *Ensure that all first line risk managers identify, assess and report all security risks and vulnerabilities and that incidents are actioned. *Ensuring consistency in approach for the delivery of risk-informed decisions regarding current and future security investments *Ensure consistency to protect the Department's assets and transform the Department's security architecture. *Highlight the strengths and weaknesses of security risk controls across the Department. *Manage the identification, assessment and remediation of security risks across the business, and the risk management lifecycle. *Work with business and technology stakeholders to develop, update or review security risk assessments and security risk management plans, providing a holistic and strategic view of delivery as required. *Work closely with internal and external stakeholders, to identify threats, vulnerabilities and how the resilience of the IT Infrastructure can be improved. *Identify, assess and measure emerging security risks and report to programme and senior stakeholders based on current trends and issues across Digital and the external environment. *Undertake Controls testing of counter measures to provide added assurance and feed results back into the risk assessment. *Mentor, support, supervise, knowledge transfer and line manage junior members of the team. Essential Skills / Criteria: *Governance, Risk and Compliance Professional (GRCP) qualification. *Certified in Risk and Information Systems Controls (CRISC) or equivalent risk management qualifications *Proven knowledge of risk management - identification, assessment, risk response and mitigation, control monitoring and reporting. * *ISO27005 Certified ISMS Risk Management (CIS RM) qualification (ISO 17024-certificated) *Experience of undertaking information assurance reviews such as ISO27001 assurance. *Certified Information Systems Security Manager (CISSP) or an equivalent security qualification. *Certified Information Security Manager (CISM) or an equivalent security qualification. Desirable Skills: *SC Clearance Please apply should you meet the above criteria. Badenoch + Clark acts as an employment agency for permanent recruitment and an employment business for the supply of temporary workers. Badenoch + Clark UK is an Equal Opportunities Employer. By applying for this role your details will be submitted to Badenoch + Clark. Our Candidate Privacy Information Statement explains how we will use your information - please copy and paste the following link in to your browser: https://en-gb/candidate-privacy
Oct 07, 2021
Contractor
Security Analyst required to work for a Government department. This is an initial 12-month contract, paying £560 a day, inside IR35, hybrid working with at least 2 days a week in the London based office. Key Responsibilities: *Advice and support Business Managers, Senior Risk Owners and the Executive Team within Digital to ensure effective security risk measures are in place on delivery. *Ensure that all first line risk managers identify, assess and report all security risks and vulnerabilities and that incidents are actioned. *Ensuring consistency in approach for the delivery of risk-informed decisions regarding current and future security investments *Ensure consistency to protect the Department's assets and transform the Department's security architecture. *Highlight the strengths and weaknesses of security risk controls across the Department. *Manage the identification, assessment and remediation of security risks across the business, and the risk management lifecycle. *Work with business and technology stakeholders to develop, update or review security risk assessments and security risk management plans, providing a holistic and strategic view of delivery as required. *Work closely with internal and external stakeholders, to identify threats, vulnerabilities and how the resilience of the IT Infrastructure can be improved. *Identify, assess and measure emerging security risks and report to programme and senior stakeholders based on current trends and issues across Digital and the external environment. *Undertake Controls testing of counter measures to provide added assurance and feed results back into the risk assessment. *Mentor, support, supervise, knowledge transfer and line manage junior members of the team. Essential Skills / Criteria: *Governance, Risk and Compliance Professional (GRCP) qualification. *Certified in Risk and Information Systems Controls (CRISC) or equivalent risk management qualifications *Proven knowledge of risk management - identification, assessment, risk response and mitigation, control monitoring and reporting. * *ISO27005 Certified ISMS Risk Management (CIS RM) qualification (ISO 17024-certificated) *Experience of undertaking information assurance reviews such as ISO27001 assurance. *Certified Information Systems Security Manager (CISSP) or an equivalent security qualification. *Certified Information Security Manager (CISM) or an equivalent security qualification. Desirable Skills: *SC Clearance Please apply should you meet the above criteria. Badenoch + Clark acts as an employment agency for permanent recruitment and an employment business for the supply of temporary workers. Badenoch + Clark UK is an Equal Opportunities Employer. By applying for this role your details will be submitted to Badenoch + Clark. Our Candidate Privacy Information Statement explains how we will use your information - please copy and paste the following link in to your browser: https://en-gb/candidate-privacy
My client, a global insurance company, is seeking a Cloud Controls Analyst to join its Compliance and Controls team (part of the GRC function) on a long-term contractual basis. This team conduct second line of defence testing for controls including those relating to the Security and Availability Trust Principles within SOC2. The successful Cloud Controls Analyst will support the delivery of cloud control testing in the areas of information & cyber security, technology and cloud infrastructure, conducting design adequacy and operating effectiveness testing of cloud controls for SOC2. Key duties include, but are not limited to: Performing assessment of Cloud controls (focusing on Azure) including; o Control design adequacy o Control operating effectiveness - Cloud control testing (including guard rails resource log analysis etc.) - Developing operating processes and procedures for cloud control testing of structured test papers for all controls tested - Reporting and tracking of cloud control gap remediations as well as ineffective or inadequate controls - Identify opportunities and recommendations to improve the design and implementation of cloud controls - Support the control owners in the design and maintenance and documentation of cloud controls Key words: Information Security, Compliance, security, SOC2 SOC 2, GRC, Trust Principles, cyber security, Cloud, Azure Eames Consulting is acting as an Employment Business in relation to this vacancy.
Oct 05, 2021
Contractor
My client, a global insurance company, is seeking a Cloud Controls Analyst to join its Compliance and Controls team (part of the GRC function) on a long-term contractual basis. This team conduct second line of defence testing for controls including those relating to the Security and Availability Trust Principles within SOC2. The successful Cloud Controls Analyst will support the delivery of cloud control testing in the areas of information & cyber security, technology and cloud infrastructure, conducting design adequacy and operating effectiveness testing of cloud controls for SOC2. Key duties include, but are not limited to: Performing assessment of Cloud controls (focusing on Azure) including; o Control design adequacy o Control operating effectiveness - Cloud control testing (including guard rails resource log analysis etc.) - Developing operating processes and procedures for cloud control testing of structured test papers for all controls tested - Reporting and tracking of cloud control gap remediations as well as ineffective or inadequate controls - Identify opportunities and recommendations to improve the design and implementation of cloud controls - Support the control owners in the design and maintenance and documentation of cloud controls Key words: Information Security, Compliance, security, SOC2 SOC 2, GRC, Trust Principles, cyber security, Cloud, Azure Eames Consulting is acting as an Employment Business in relation to this vacancy.
Security Analyst Security Analyst needed for a great SaaS company voted as Top 10 global companies to watch. With offices across US, Europe and over 2500 employees worldwide, with this specific role located within the heart of London paying a circa £60,000. It will require performing day-to-day security operations, responding to RFPs and RFIs whilst working closely with sales, legal and compliance teams, thus needing great communication skills. Skills: - 3-5 Years of experience in cyber security - Experience with PCS-DSS; ISO 27001 - Security certifications required including CISSP, CISM - Have a good level of understanding of OWASP - Reasonable understanding of the AWS, AZURE, GCP principles - Good communication skills This would suit somebody who's currently working in a GRC environment who's looking for a change or a consultancy environment who wants to move to end clients or someone with a broad technological knowledge. A great chance to join a massive technology company that's only going to continue growing, a chance not worth missing! There is a great benefit package included with this role including 15% bonus and having shares in the company.
Sep 10, 2021
Full time
Security Analyst Security Analyst needed for a great SaaS company voted as Top 10 global companies to watch. With offices across US, Europe and over 2500 employees worldwide, with this specific role located within the heart of London paying a circa £60,000. It will require performing day-to-day security operations, responding to RFPs and RFIs whilst working closely with sales, legal and compliance teams, thus needing great communication skills. Skills: - 3-5 Years of experience in cyber security - Experience with PCS-DSS; ISO 27001 - Security certifications required including CISSP, CISM - Have a good level of understanding of OWASP - Reasonable understanding of the AWS, AZURE, GCP principles - Good communication skills This would suit somebody who's currently working in a GRC environment who's looking for a change or a consultancy environment who wants to move to end clients or someone with a broad technological knowledge. A great chance to join a massive technology company that's only going to continue growing, a chance not worth missing! There is a great benefit package included with this role including 15% bonus and having shares in the company.
Role: SAP GRC Analyst
Sector: Engineering/Energy
Location: Lincoln
Rate: Negotiable
My client, a leading engineering company specialising in the UK energy market is looking for an experinced SAP Security Analyst to join their team in Lincoln.
The ideal candidate should have ideally worked previously in an engineering or utilities environment and have 7+ years experience as a SAP Security Consultant.
Responsibilities
- Responsible for supporting all security related activities for the SAP infrastructure
- These activities include: design, build, implement and support SAP security roles and profiles for each user involved in the enterprise systems implementation
- Working with ECC, BW, BPC, HANA, PO/PI, Solution Manager, Web Dispatcher and Bolt-On systems
To apply submit your CV
Sep 09, 2016
Role: SAP GRC Analyst
Sector: Engineering/Energy
Location: Lincoln
Rate: Negotiable
My client, a leading engineering company specialising in the UK energy market is looking for an experinced SAP Security Analyst to join their team in Lincoln.
The ideal candidate should have ideally worked previously in an engineering or utilities environment and have 7+ years experience as a SAP Security Consultant.
Responsibilities
- Responsible for supporting all security related activities for the SAP infrastructure
- These activities include: design, build, implement and support SAP security roles and profiles for each user involved in the enterprise systems implementation
- Working with ECC, BW, BPC, HANA, PO/PI, Solution Manager, Web Dispatcher and Bolt-On systems
To apply submit your CV
Understanding Recruitment
Bedfordshire, LU1 1, United Kingdom
Business Analyst - FTSE 100 Market Leader We are looking for a Business Analyst with experience of working in an enterprise level organisation to join this FTSE 100 European leader in their field at a time of continued technology driven growth to be the key liaison between IT and the business..... click apply for full job details
Feb 21, 2016
Business Analyst - FTSE 100 Market Leader We are looking for a Business Analyst with experience of working in an enterprise level organisation to join this FTSE 100 European leader in their field at a time of continued technology driven growth to be the key liaison between IT and the business..... click apply for full job details
Security, IT Security, monitor, SIEM, logging, web application, network security, End-point security software, risk assessment, vulnerability, governance, risk, compliance, GRC, access management, network security, data loss IT Security & Risk Analyst Harris Global are currently recruiting for an IT..... click apply for full job details
Feb 21, 2016
Security, IT Security, monitor, SIEM, logging, web application, network security, End-point security software, risk assessment, vulnerability, governance, risk, compliance, GRC, access management, network security, data loss IT Security & Risk Analyst Harris Global are currently recruiting for an IT..... click apply for full job details