Your new company
A well-known international business in the Basingstoke area, offering hybrid working, excellent study support (if required) and an element of travel in the UK and overseas (up to 30%).

Your new role
Your role will focus on the delivery of internal audits with the opportunity to specialise in IT auditing and develop as a specialist in this area, with support from other members of the team. You will focus on IT audit elements of operational audits, providing independent, objective assessment of the design and effectiveness of technology controls. You will develop and apply 'integrated' IT audits in conjunction with the business audit team and share IT audit process and approach understanding with colleagues. This role offers excellent potential for advancement in the future and exposure to auditing a wide range of business operations, working with senior stakeholders across the organisation and the opportunity to travel.

What you'll need to succeed
You could be recently qualified or part-qualified in Accountancy studies (ACA, ACCA) with a background in Audit, or a qualified Auditor (IIA/CIA) with a keen interest in developing your audit skills in the IT Audit arena and potentially studying for CISA or equivalent exams. You are likely to already work in Internal or External Audit and have some experience in ITGC. You will have strong IT skills including Excel and an interest in developing IT tools.

What you'll get in return
- Excellent study support if required
- Salary £40-52000 depending on experience and qualification
- Hybrid working 2 days a week in the office
- Travel opportunities both in the UK and overseas up to a maximum of 30% of the time
- Company car
- A wide-ranging benefits package

What you need to do now
If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now. If this job isn't quite right for you but you are looking for a new position, please contact us for a confidential discussion on your career.
Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at hays.co.uk
Apr 01, 2023
Full time
Marks Sattin is working closely with a leading bank in Manchester who are going through an exciting period of growth and recruiting for a Senior IT Auditor. With a big focus this year on delivering value and providing assurance against key technology risks, you will be playing a pivotal part in establishing the team as they look to grow this out further across the region. You will gain exposure in implementing the foundations in the team as the business brings IT Audit in house as they enter some exciting transformation projects.

In the role you will:
- Lead / Support lead auditors on individual audit engagements ensuring work is carried out in line with GIA methodology. Where appropriate lead IT audit assignments
- Lead key sections of audit programmes and perform audit / follow up / consultancy work within the organisation
- Identify and test key risks, assessing the effectiveness of controls and their level of implementation
- Challenge and influence on audit assignments to support the business and the IA function

Ideally seeking someone with the following experience:
- Experience of external or internal Technology auditing. Ideally 2 years post qualification experience
- Experience of auditing Cyber Security, IT General Controls (ITGCs) for Application and Infrastructure
- Knowledge of industry Cyber Security Standards and best practice i.e. NIST
Apr 01, 2023
Full time
We are currently looking for a Senior Security Analyst to join our busy team in Sheffield (hybrid working - 2 days in the office)! We are seeking a Senior Security Analyst to help work across teams to implement security practices consistently, and work as part of a team to monitor our stack. This role will report to the Cybersecurity Manager.

Salary: £50,000-£60,000 per annum
Contract Type: Full Time, Permanent

Senior Security Analyst Duties:
The role requires an individual to:
- Proactively monitor for, identify, respond to, and resolve security incidents.
- Conduct internal technical and compliance audits to ensure that processes are being followed and that controls are effective.
- Work with the Cybersecurity Manager to continuously improve the security posture of the business.
- Work with Projects & Stakeholders across the business to advocate & implement security practices.
- Mentor junior analysts and provide guidance on security best practices to teams across the department.

This is a hands-on role combining technical work with responsibility for information security for managed services within Sopra Banking.

Key Responsibilities:
- Respond to and investigate potential security incident alerts contributing to new security monitoring use cases, and ensure all investigative activity is properly documented in ticketing systems and followed up with the relevant support teams.
- Work with the Security Policy & Audit Manager to take ownership of internal auditing within the department to ensure compliance with ISO27001 and Sopra Banking Software security policies and procedures.
- Work with the Cybersecurity Manager to implement required controls as part of the IT Security roadmap and initiatives.
- Identify vulnerabilities and security risks of networks, operating systems, applications, databases and new technology initiatives.
- Validate vulnerability findings and provide guidance during remediation efforts.
- Identify and document security risks identified during project initiatives and BAU activities.
- Perform research on latest security/cyber threats, which can drive improvements in active projects and into existing tools and processes.
- Provide IT security operational support to managed services teams.
- Review and improve current operational procedures, write and maintain new supporting procedures and policies and perform regular audits of these.
- Liaise with customers and external auditors to assure them of SBSUK's security controls.
- Review changes brought to CAB to ensure that they do not introduce security weaknesses.

Senior Security Analyst Requirements:
- CompTIA Security+ or equivalent professional certification.
- CompTIA Cybersecurity Analyst+ (CySA+) or equivalent professional certification.
- EC-Council Certified Security Analyst (ECSA) or equivalent professional certification.
- GIAC Certified Incident Handler (GCIH) or equivalent professional certification.

Any of the following:
- Experience with Dell SecureWorks
- Experience with Qualys
- Experience Securing Oracle Databases
- Experienced working in and securing cloud environments (AWS preferred).
- Knowledge of UK financial sector regulation and/or bank and building society IT operations.

If you do not have all of the above experience or skills we would still like to hear from you.

Senior Security Analyst Benefits:
- Flexible - hybrid working model of 2 days in office and 3 days working from home.
- Market competitive salary
- 25 days holiday with an option to buy up to 5 more
- A 6% pension contribution, a buy one get one free employee share scheme
- Private medical insurance, critical illness cover
- A health cash plan
- We offer flexible working arrangements to all employees
- We take pride in rewarding our colleagues through Summer parties, treat days in the offices, and a social budget for each department.

About the Company:
Sopra Banking Software power over 25% of all UK mortgages and enable half of all UK building societies to deliver leading Savings and Digital experiences to millions of customers. Sopra Banking Software are proud to be an inclusive employer. At Sopra Banking Software, you can come as you are. We embrace diversity in all its forms. We're committed to fostering a work environment that is inclusive and respectful of all differences. We value diversity at our company and do not discriminate on the basis of race, ethnicity, religion, gender, sexual orientation, age or disability status. All personal information will be treated as confidential according to the Equality Act.

Sopra Banking Software works with banks, building societies and other financial services institutions across the world. We help them to develop, deliver and operationalise their digital transformation strategies. Using our suite of digital banking products and services enables these organisations to deliver remarkable financial services to their clients.

If you think you are suitable for this Senior Security Analyst role, please apply now!
Apr 01, 2023
Full time
Job Title: Cyber Security Assurance Specialist
Location: Hybrid-Flexible on location South East and North West Farnborough or Preston 1 day minimum in office. We offer a range of hybrid and flexible working arrangements - please speak to your recruiter about the options for this particular role.
Salary: Circa. £50,000K - Depending on experience and skills

What you'll be doing:
- Deliver assurance services to the business, EITS, IM&T Sector and Group Functions, covering CPE (Customer Premises Equipment) and cloud-based systems.
- Identification of risk and appropriate mitigation requirements, development & analysis of secure solutions (covering technical / physical / procedural / personnel controls) and assessment of compliance with internal and external standards and regulations
- Deliver documentation to demonstrate compliance to internal and external stakeholders
- Assessment and provision of control effectiveness in managing information security risk
- Provide security architecture / technical input into the development of secure solutions
- Support development of strategy and continual service improvement for the assurance function
- Act as a subject matter expert regarding assurance activities for the wider organisation

Your skills and experiences:
Essential:
- In-depth knowledge of industry standard security policy, standards and good practice guidance and their application to a variety of IT solutions processing protectively marked information
- In-depth knowledge of threats, risks, vulnerabilities and risk mitigations strategies and techniques
- Knowledge of information security standards, such as HMG, ISO 27001/18, NIST 800 etc

Desirable:
- Knowledge of CompTIA (A+, Network+, Security+)/CCSK/ISO27001 Practitioner (Lead Auditor etc.) - essential in one or more certifications / or on path to complete
- Excellent negotiation and interpersonal skills for managing relationships with stakeholders and direct reports

Benefits:
You'll receive benefits including a competitive pension scheme, enhanced annual leave allowance and a Company contributed Share Incentive Plan. You'll also have access to additional benefits such as flexible working, an employee assistance programme, Cycle2work and employee discounts - you may also be eligible for an annual incentive.

The In Design team:
What we do is Cyber Security Assurance, Cloud, Design, Operation. In Design Team - Providing cyber security, advising BU on how to stay compliant.

Why BAE Systems?
This is a place where you'll be able to make a real difference. You'll be part of an inclusive culture that values diversity, rewards integrity, and merit, and where you'll be empowered to fulfil your potential. We welcome candidates from all backgrounds and particularly from sections of the community who are currently underrepresented within our industry, including women, ethnic minorities, people with disabilities and LGBTQ+ individuals. We also want to make sure that our recruitment processes are as inclusive as possible. If you have a disability or health condition (for example dyslexia, autism, an anxiety disorder etc.) that may affect your performance in certain assessment types, please speak to your recruiter about potential reasonable adjustments.

Please be aware that many roles working for BAE Systems will be subject to both security and export control restrictions. These restrictions mean that factors including your nationality, any previous nationalities you have held, and your place of birth may limit those roles you can perform for the organisation.
Apr 01, 2023
Full time
We aim to create an inclusive workplace in which everyone can thrive:
- We are a proud Disability Confident Leader and holder of the Silver Inclusive Employer Standard
- We have reduced our gender pay gap from 10.9% to 6.9% (in the last 12 months) and increased women in leadership roles from 21% to 32%
- We have reduced our ethnicity data gap from 40% to 20%, and our disability data gap from 95% to 50% over the last 12 months
- We were recognised in May 2022 as one of only 3 companies (from 100) to achieve Tier 1 accreditation in the CCLA Mental Health Benchmark Report

As a business we advocate flexible working as we know that your time is valuable, both inside and outside of work. We also provide an extensive Employee Assistance Program to include online counselling, webinars, health check-ins and financial wellbeing assistance.

Careers in IT Services:
IT is at the heart of many of the vital services that Serco provide, from caring for vulnerable people, managing complex public services, to heavy rail and hospital operations. IT Services underpin Serco teams in many of the key public services we deliver in the UK, Europe and globally, making a difference to thousands of people every day. The people in IT Services are passionate about what they do and are proud to make a positive difference to the services that Serco delivers. Working together with the shared goal of providing the best service for our customers, this is what drives the culture and mindset, this is the Serco value and that is why a career with us is so rewarding.

The Role:
Serco is committed to protecting all our services from threats, whether internal or external, deliberate or accidental, that might have an adverse impact on individuals, our activities and our reputation.
However, providing the right balance of security controls to protect an information system is a complex task: overly stringent controls will hamper the ability to conduct business, but conversely, if the controls are too weak, information (and organisational reputation) is put at risk, with potentially serious financial and legal consequences. The key purpose of this role is to guide the design, implementation, and ongoing management of appropriate combinations of technical, physical, procedural and personnel controls to protect our customers' data and to comply with our legal, regulatory and contractual obligations while meeting our business requirements. This involves working with and influencing at all levels within bid and contract teams, producing a variety of verbal and written outputs. Responsibilities: Provision of information assurance leadership in large and complex environments. Provision of security input into multidisciplinary bid teams, including security requirements definition, architectural design work, advice and guidance on security issues, risk assessment, guidance on residual risk and mitigation strategies, contracts review, governance strategies, costing of security operations, written submissions, creation of draft policies, and so on. Support to architectural design activities, advising on security factors such as HMG policy and good practice, assurance / evaluation requirements, technical requirements or constraints, selection of security technologies and controls, physical requirements or constraints, supporting personnel and / or procedural requirements. Undertaking risk assessments and production of assurance documentation in line with HMG policy or departmental processes (including Information Assurance Standards 1&2 or their replacement). 
Provision of support to security management functions, predominantly within 'formal' security frameworks such as accredited, ISO27001 compliant, or PCI compliant environments, adopting a proactive approach to security management and security assurance coordination, ensuring smooth running of scheduled activities (SWGs, penetration tests, security documentation review) and gaining the trust of key stakeholders (including customer representatives and accreditors). Provision of guidance on the appropriate components to utilise in implementing an architecture with the necessary security enforcing functionality, or guidance on retrofitting security capabilities to meet updated requirements or change requests. Engagement with IT Security Health Check suppliers, scoping test plans and helping stakeholders interpret the results of the tests, as well as supporting the implementation of any remedial actions, where required. Undertaking gap analyses against formal security frameworks (particularly ISO27001 and PCI DSS), reporting on areas of deficiency and producing remedial action plans (where appropriate). Support to procurement processes, including documentation of appropriate security requirements into RFP / tender documentation, the assessment of responses, and support in the production of appropriate statements of work / contractual schedules. Production of collateral to support the wider business, where appropriate. Requirements: A broad Information Security knowledge, ranging from developing and reviewing security architectures through to risk assessment and certification. Excellent communications skills (written and oral) are essential, as are demonstrable experience of working within formal frameworks such as ISO27001 and PCI-DSS. Experience of operating with autonomy in a senior Information Assurance role and be educated to degree level in a relevant discipline (or possess equivalent vocational qualifications). 
Detailed working knowledge of multiple Information Security-related requirements sources / standards, with examples including:
- The Government Security Policy Framework (SPF), along with NCSC (and legacy CESG) security standards and guidance
- PCI-DSS (Payment Card Security)
- ISO27001 (Information Security Management)
- NHS security standards and supplier assurance framework
- Data Protection Act / GDPR
- ISO 22301 (/BS 25999) (Business Continuity Management)
- UK Government Cyber Essentials Scheme.
- DefStan05-138 (Defence Cyber Protection Partnership).

Desirable certifications:
- Certified Information Systems Security Professional (CISSP)
- Certified Information Security Manager (CISM)
- Cloud Security Practitioner
- ISO27001 Lead Auditor and / or Implementer
- PCI-DSS Practitioner
- Certificate in Information Security Management Principles (CISMP)
- Certification against the NCSC Certified Cyber Professional (formerly CESG Certified Professional Scheme) is advantageous (but not essential).

What we offer:
- Flexible working considered
- Pension - 6%
- Childcare vouchers
- Bike4Work scheme
- Chance to contribute to innovation in the public services
- A company passionate about diversity and inclusion

We encourage you to apply even if you don't match every single aspect of the job description. We're looking for great people and are big on career development, so we're open to reviewing all applications.

About Serco
At Serco, not only is the nature of the work we do important, everyone has an important role to play, from caring for vulnerable people to managing complex public services. We are a team of 50,000 people responsible for delivering essential public services around the world in areas including defence, transport, justice, immigration, healthcare and citizen services. We are innovators, committed to redesigning and improving public services for the benefit of everyone.
By joining Serco you will have unlimited access to our Global Employee Networks - SercoInspire (Gender), SercoEmbrace (Multicultural), SercoUnlimited (Disability) and (LGBT & Networks). Serco Employee Networks, led by colleagues who are passionate about diversity, inclusion and belonging.

Apply
Please click on the apply button to complete your application. Occasionally we receive a large volume of applications for our roles and when that happens we sometimes bring the closing date forward, so please apply promptly to avoid disappointment.

At Serco, we see people first and foremost for their performance and potential. We are committed to building a diverse and inclusive organisation that supports the needs of all. As such we will make reasonable adjustments at interview through to employment for our candidates and strongly encourage applications from a diverse candidate pool. We are open to discussions around flexibility and flexible working. We operate a hybrid work structure in many of our business areas. We are proudly Disability Confident Leader employers and holder of the Silver Inclusive Employer Standard. Disabled applicants who meet the minimum criteria for the job will be given the opportunity to demonstrate their abilities at an interview. At Serco we support fair access to employment for those with unspent criminal convictions through the 'Ban the Box' pledge (some may be exempt due to the nature of the role and the security clearance required).
Apr 01, 2023
Full time
We aim to create an inclusive workplace in which everyone can thrive: We are a proud Disability Confident Leader and holder of the Silver Inclusive Employer Standard; We have reduced our gender pay gap from 10.9% to 6.9% (in the last 12 months) and increased women in leadership roles from 21% to 32%; We have reduced our ethnicity data gap from 40% to 20%, and our disability data gap from 95% to 50% over the last 12 months; We were recognised in May 2022 as one of only 3 companies (from 100) to achieve Tier 1 accreditation in the CCLA Mental Health Benchmark Report. As a business we advocate flexible working as we know that your time is valuable, both inside and outside of work. We also provide an extensive Employee Assistance Program to include online counselling, webinars, health check-ins and financial wellbeing assistance. Careers in IT Services: IT is at the heart of many of the vital services that Serco provide, from caring for vulnerable people, managing complex public services, to heavy rail and hospital operations. IT Services underpin Serco teams in many of the key public services we deliver in the UK, Europe and globally, making a difference to thousands of people every day. The people in IT Services are passionate about what they do and are proud to make a positive difference to the services that Serco delivers. Working together with the shared goal of providing the best service for our customers, this is what drives the culture and mindset, this is the Serco value and that is why a career with us is so rewarding. The Role: Serco is committed to protecting all our services from threats, whether internal or external, deliberate or accidental, that might have an adverse impact on individuals, our activities and our reputation.
However, providing the right balance of security controls to protect an information system is a complex task: overly stringent controls will hamper the ability to conduct business, but conversely, if the controls are too weak, information (and organisational reputation) is put at risk, with potentially serious financial and legal consequences. The key purpose of this role is to guide the design, implementation, and ongoing management of appropriate combinations of technical, physical, procedural and personnel controls to protect our customers' data and to comply with our legal, regulatory and contractual obligations while meeting our business requirements. This involves working with and influencing at all levels within bid and contract teams, producing a variety of verbal and written outputs. Responsibilities: Provision of information assurance leadership in large and complex environments. Provision of security input into multidisciplinary bid teams, including security requirements definition, architectural design work, advice and guidance on security issues, risk assessment, guidance on residual risk and mitigation strategies, contracts review, governance strategies, costing of security operations, written submissions, creation of draft policies, and so on. Support to architectural design activities, advising on security factors such as HMG policy and good practice, assurance / evaluation requirements, technical requirements or constraints, selection of security technologies and controls, physical requirements or constraints, supporting personnel and / or procedural requirements. Undertaking risk assessments and production of assurance documentation in line with HMG policy or departmental processes (including Information Assurance Standards 1&2 or their replacement). 
Provision of support to security management functions, predominantly within 'formal' security frameworks such as accredited, ISO27001 compliant, or PCI compliant environments, adopting a proactive approach to security management and security assurance coordination, ensuring smooth running of scheduled activities (SWGs, penetration tests, security documentation review) and gaining the trust of key stakeholders (including customer representatives and accreditors). Provision of guidance on the appropriate components to utilise in implementing an architecture with the necessary security enforcing functionality, or guidance on retrofitting security capabilities to meet updated requirements or change requests. Engagement with IT Security Health Check suppliers, scoping test plans and helping stakeholders interpret the results of the tests, as well as supporting the implementation of any remedial actions, where required. Undertaking gap analyses against formal security frameworks (particularly ISO27001 and PCI DSS), reporting on areas of deficiency and producing remedial action plans (where appropriate). Support to procurement processes, including documentation of appropriate security requirements into RFP / tender documentation, the assessment of responses, and support in the production of appropriate statements of work / contractual schedules. Production of collateral to support the wider business, where appropriate. Requirements: A broad Information Security knowledge, ranging from developing and reviewing security architectures through to risk assessment and certification. Excellent communications skills (written and oral) are essential, as are demonstrable experience of working within formal frameworks such as ISO27001 and PCI-DSS. Experience of operating with autonomy in a senior Information Assurance role and be educated to degree level in a relevant discipline (or possess equivalent vocational qualifications). 
Governance, Risk & Compliance Manager. Start: ASAP. Role: Perm. Salary: £53,353.00 - £61,823.00. Other Benefits: Generous pension scheme; 32 days Annual Leave + Bank Holidays; Christmas shutdown; Flexible Working Scheme (that is not hybrid working); Childcare services and childcare vouchers; Subsidised gym membership (new facilities at Ravelin Sports Centre). Purpose of Job: Under the direction of the Head of Cyber Security, the Governance, Risk and Compliance Manager leads the security assessment function, in accordance with internal controls compliance, regulatory and departmental policy and procedures. The Governance, Risk and Compliance Manager will develop and manage the risk management framework, control matrices, and all related dashboards, and will make recommendations for senior management consideration. This position is responsible for compliance with the internal controls, regulatory and information security policies and procedures. The role holder works closely with internal/external auditors and regulatory agencies, and will ensure that supporting documentation is available as applicable. The Governance, Risk and Compliance Manager line manages and develops the Governance, Risk and Compliance Analyst within their team. Key Responsibilities: Support the Head of Cyber Security in developing and maintaining the Cyber Security Strategy, ensuring that it delivers against the strategic aims. Define and deliver an IT Governance, Risk and Compliance Framework. Align the framework and information technology with business objectives, while managing risk and meeting regulatory compliance requirements. Responsible for the management and successful implementation of Cyber Security Improvement Programme, policy work packages. Responsible for assessing and documenting the compliance and risk posture.
Lead on the communication and development of a cyber security culture across the institution, raising awareness and increasing the understanding of security through the application of policy and practice. Ensuring that this is articulated in a way. Responsible for the creation, maintenance and delivery of a cyber security awareness campaign and training for colleagues that is understandable to a non-technical audience. Line manage, support, challenge and develop the Cyber Security Governance & Compliance team members. Define and deliver clear and actionable reporting metrics and dashboards regarding cyber security governance and compliance activities. Develop a strategy for audits, compliance checks and external assessment processes for internal/external auditors. Be responsible for vulnerability and threat risk assessment and prioritisation. Attend and actively participate in the IS Security Monthly Review. Own the risk log and produce a monthly security report. Build and maintain a strong working relationship with vendors and partners. Be responsible for ensuring that stakeholders understand and establish acceptable levels of risk, and recommend activities that will proactively reduce the potential for incidents. To manage budgets associated with governance, risk and compliance activities and ensure ongoing costs are captured in recurrent budgets. Provide project and operational budget reports as required. Support and advise on cyber security requirements for the development and delivery of new IT services. Make recommendations regarding the effectiveness of the security controls for the IT systems and services. Develop and implement effective and reasonable policies and practices to secure protected and sensitive data and ensure cyber security and compliance with relevant legislation and legal requirements. 
Must Haves: - Risk Management Experience Ability to interact with Product Teams Ability to do lightweight audits Up-to-date knowledge of ISO27001 Audited experience Excellent communication skills Ability to undertake verbal updates, reports and meetings Excellent Stakeholder management Be a self-starter with hands-on experience Management experience highly desired but not essential. Certes Computing (and all of its subsidiary companies) is committed to promoting equality and diversity in its business operations.
Mar 31, 2023
Full time
Risk & Control Officer - NIST-SOX coordinator BTL We are supporting a Global Client. This is 6 months initially. It is mainly remote, the client is based in Manchester. The daily rate for this role is £320 Inside IR35. The client is seeking someone with a background in IT recommendation management and SOX. Responsibilities: The IT Risk & Compliance Officer is responsible for partnering with risk owners throughout the Transport Limited business function and other business units to design and maintain internal controls in line with our risk appetite and to maintain the quality of our processes. The role requires working closely with stakeholders from multiple departments and having a strong big-picture focus, while being able to zoom in and out of the details to ensure full process understanding. The IT Risk & Compliance Officer role requires solid stakeholder management skills, and to be comfortable with challenging risk owners to come up with robust, scalable solutions which mitigate key risks while enabling successful business operations. -Engage on NIST CSF Recommendations and Framework management activities by: closely working with control owners on Framework updates, Recommendation handshaking and Follow up. -Build knowledge of internal IT controls, systems and process landscape to enable clear understanding of impact and Lead Initiative affecting wider organizations. -Coordinate new requests from the business functions and units for support with controls. Stay flexible to meet the dynamic business needs, while maintaining robust solutions that strengthen the control environment. -Coordinate with process and control owners regarding control and narrative updates as well as quarterly SOx certifications. -Liaise with internal and external auditors and proactively coordinate our SOX audit engagement for IT assets and processes within our Central Tech BU. -Be the first line gathering audit evidence and reviewing it before sharing it with auditors.
-Coordinate remediation of findings and deficiencies identified by internal and external auditors. Skills: Established experience gained within one or more of these areas: IT Risk Management, IT audit and compliance, and IT general control design. Working knowledge of SOx regulation and familiarity/working experience of SOX IT controls and NIST CSF Framework. Experience in Risk management activities or other regulations is a plus. Business or IT degree/certificates (CISA, CISM, CISSP) is a plus. Familiar with technology platforms (Kubernetes, MySQL, Linux, AWS, Active Directory, Okta, etc) and DevOps tools (eg Gitlab, Jenkins, Harness, Terraform, etc). Hands-on experience is a plus. Familiar with ServiceNow, Google Suite, Jira tools (or similar). Enthusiastic, self-starting and enjoys change and a dynamic environment. Able to self-motivate, organize and take responsibility for own workload to ensure that deadlines and objectives are met. Able to multitask and prioritize work effectively.
Mar 30, 2023
Contractor
IT Risk & Compliance Officer Fully Remote 6-month contract Up to £39.60 per hour - (Inside IR35) Digital Skills are pleased to partner with a global travel agency looking to recruit an IT Risk & Compliance Officer. You will be responsible for partnering with risk owners throughout several business functions to design and maintain internal controls in line with their risk appetite and to maintain the quality of our processes. The IT Risk & Compliance Officer role requires solid stakeholder management skills, and to be comfortable with challenging risk owners to come up with robust, scalable solutions which mitigate key risks while enabling successful business operations. Responsibilities Engage on NIST CSF Recommendations and Framework management activities by: closely working with control owners on Framework updates, Recommendation handshaking and Follow up. Build knowledge of internal IT controls, systems and process landscape to enable a clear understanding of impact and Lead Initiatives affecting wider organizations. Coordinate new requests from the business functions and units for support with controls. Coordinate with process and control owners regarding control and narrative updates as well as quarterly SOx certifications. Liaise with internal and external auditors and proactively coordinate our SOX audit engagement for IT assets and processes within our Central Tech BU. Be the first line of gathering audit evidence and reviewing it before sharing it with auditors. Coordinate remediation of findings and deficiencies identified by internal and external auditors. Key Skills: Experience gained within one or more of these areas IT Risk Management, IT audit and compliance, and IT general control design. Working knowledge of SOx regulation and familiarity/working experience of SOX IT controls and NIST CSF Framework. Experience in Risk management activities or other regulations is a plus. 
Familiar with technology platforms (Kubernetes, MySQL, Linux, AWS, Active Directory, Okta, etc) and DevOps tools (eg Gitlab, Jenkins, Harness, Terraform, etc). Hands-on experience is a plus. Familiar with ServiceNow, Google Suite, Jira tools (or similar). If this sounds of interest to you, please apply ASAP.
Mar 30, 2023
Contractor
Head of SAP Security - Contract - ASAP start. One of our leading clients is seeking a specialist Head of Security to ensure that Security, IT Controls & IT Compliance within the template solution are designed, implemented and rolled out following the guiding principles as well as internal and external standards and applicable regulation in a SAP S/4HANA Programme. Responsibilities: Accountable for Definition and Implementation of Security, IT Controls & IT Compliance for Profectus Programme. Accountable for establishing Security & Controls Policies and establishing Identity and Access policies including SOD (Segregation of Duties). Accountable for identifying and training of control owners and for documentation of IT controls. Accountable for IT Controls Design including assessment of the Controls with global and local Auditors. Defines requirements for IT controls reporting as well as IT control automation and aligns with Reporting & Analytics requirements. Maintains and ensures adherence at a local level to CCEP Policies, standards and controls. Accountable to control the identity & access setup procedures and for testing the user ID setup as well as validation of the controls. Skills and Qualifications: Ability to work in Matrix organization. Direct and indirect leadership and excellent influencing skills. Experience in working above market or similar. Flexibility to travel across all CCEP locations when required. Deep knowledge of SAP S/4HANA technology in the area of SOD and Identity & Access Management and how to manage these in large scale global organizations. Experience with enterprise and security architectures for meeting industry standards such as SOX, PCI, ISO 27001, HIPAA, and NIST frameworks. This is a 12-month contract position and will be paying a very attractive day rate. If you are looking for your next contract, contact me on the details below. Email: (see below)
Mar 29, 2023
Contractor
Business Information Security Officer My client is a leading television production company, and they are seeking a Business Information Security Officer. This person would be responsible for our client's IT Security governance, services, risk assessment, prevention & response activities. The Business Information Security Officer will have qualifications such as a CISSP, CCSK/CCSP, CISA/CISM, CRISC. They will be familiar with security standards, frameworks & legal requirements such as ISMS, ISO27001, NIST, COBIT, ITIL, GDPR/Data Protection Act 2018. There would be an expectation for this person to have a Minimum 5 years' experience in a similar role within IT Security for a multinational organisation and ideally also within streaming/TV/media services. The Business Information Security Officer will be liaising with any suppliers, including 3rd party supplier and consultancy personnel. Previous experience of this is a must, as well as an awareness of enterprise IT, security/Cloud solutions. Experience coordinating with outsourced/external service providers to implement & manage security solutions. Skills required: Project management experience with large scale multinational IT security projects. Ability to interpret, document, maintain and implement IT security policies. Experience coordinating and communicating IT security initiatives with a variety of international territories/cultures. Experience of supporting external IT auditors and similar compliance exercises. Awareness of enterprise IT, security/Cloud solutions. Understanding of the business relevance of information risks and the current trends, developments, concepts and controls of information security. Experience of performing, interpreting & remediating IT security vulnerability/risk assessments. Significant experience implementing security incident prevention measures and security incident response planning. Ability to articulate security advice and policy directly to key stakeholders. 
Experience coordinating with outsourced/external service providers to implement & manage security solutions. Excellent reporting skills. Strong interpersonal skills & excellent team player. Ability to operate well under pressure with varying priorities. Excellent time management skills. Deadline and results driven, ability to meet challenging deadlines. Excellent communication & presentation skills, to interact with senior management. Must be self-motivated, able to handle responsibility and to work in a fast paced and changing environment. Assertive, strong self-initiative, good communication, reporting, interpersonal and conflict resolution skills. Highly organised with ability to perform independently and prioritise workload. Ability to converse and liaise with both technical/non-technical people within the global organisation. Business Information Security Officer InterQuest Group is acting as an employment agency for this vacancy. InterQuest Group is an equal opportunities employer and we welcome applications from all suitably qualified persons regardless of age, disability, gender, religion/belief, race, marriage, civil partnership, pregnancy, maternity, sex or sexual orientation. Please make us aware if you require any reasonable adjustments throughout the recruitment process.
Nov 05, 2021
Full time
Allen Lane are delighted to be working with Action for Children on the recruitment of a number of exciting roles that will directly manage them through an exciting 3 year digital transformation programme. This is a wonderful opportunity to become part of a leading UK Charity that helps hundreds of thousands of children every year across over four hundred services. Their successful reach and impact are reliant on the sound infrastructure that supports their frontline services, including technology and digital. This is a fantastic opportunity to join them as Systems Accountant and Finance Systems Team Leader, working with them through the full project cycle of a systems implementation. The role: Provide lead expertise with the management and maintenance of the corporate financial systems, ensuring integrity of data and system controls through efficient process design and management of a team (2 direct reports). Advise on policy and configuration set up of finance systems, i.e. cost centre set up and closures, approval levels for purchases etc., following job structure and scheme of delegation. Support the implementation of change management projects to cover the provision, exchange and transfer of data from systems for analysis, decision making, updating and maintaining the chart of accounts etc. Support, plan and manage the test and release of various system versions, patches and bug fixes, ensuring effective change control is maintained, records and documentation produced, liaising with system providers as necessary. Develop and build strong relationships with key internal and external stakeholders, i.e. Finance Business Managers, Auditors, Suppliers of finance systems, to also support continuity of service. What they need from you: Full accountancy qualification. Proven experience of working in Finance Systems management/administration role. Proven experience of working with modern true cloud/SaaS Finance Business Applications. 
Experience of major finance systems implementation including data migrations from current to future systems. Experience of organisational change management in a finance systems context. This role will be predominantly working from home with only occasional travel required to Watford. Candidates nationwide will be considered as long as they are willing to travel to Watford if required. Employee benefits include: 29 days annual leave per year plus bank holidays Childcare vouchers Cycle scheme Discount portal - discount off high street brands, concierge, travel agency Wellbeing support
Oct 02, 2021
Full time
Compliance Lead is sought for an International organization. You will be taking a lead on all Technology compliance matters to ensure that legislation is being adhered to and the business is compliant. This will include things like GDPR, PCI DSS, International Cyber protection laws, etc. You will be able to conduct reviews and audits (working with external partners) to ensure that the business remains compliant at all times by managing risk registers. In addition, you will input into new ventures in the UK and overseas to again ensure compliance, and where needed identify corrective action plans that you will oversee the delivery of. You will also assess the outcome of contractual or regulatory breaches, identifying trends and root causes so that weaknesses can be addressed and the effectiveness of frameworks and controls improved. You will have strong knowledge of regulatory legislation including GDPR and PCI DSS, as well as strong communication skills and the ability to articulate complex and technical issues in business terms. You will also have experience of working with external auditors and influencing audit plans.
Oct 02, 2021
Full time
Prism Digital
Information Security Analyst - SIEM - Famous Arts Institution
A world-renowned arts institution based in South Kensington is looking for a Cyber Security Analyst. You will be joining an IT department of circa 20 staff. Your role will be as a very hands on IT Security specialist to maintain the internal and external security of the business at a large scale; 3,000 devices and 1,200 end users. You will be responsible for the day-to-day actions that will ensure the established information security policies are adhered to by all staff and all systems. You will monitor all security and compliance systems regularly taking action where required or ensuring that others who are responsible for those systems are taking appropriate action.
Main tasks:
* Lead the development, documentation and maintenance of information security policies, procedures, and standards across the organisation
* Proactively initiate, facilitate, and promote activities to create awareness of information security
* Assist in system and software architecture and design to ensure that data and assets remain secure at all times
* Perform Information Security Risk Assessments of all new systems implemented
* Perform regular risk assessments and work closely with auditors to pre-empt, mitigate, and swiftly respond to any audit findings
* To investigate suspected and actual security incidents in accordance with the security incident management standard, produce reports with recommendations and ensure any remedial action is taken
* Work with the IT Security Manager to implement and maintain the Information Security Management System (ISMS)
* Manage the Security Information and Event Management system (SIEM) and other security systems ensuring appropriate actions are taken for all issues flagged for action by the system
* Monitor all security compliance reporting ensuring appropriate actions are taken in response to the report details and escalating issues as required
* Monitor security risks using data from security vendors, application vendors, government security organisations and other appropriate information sources and highlight areas of concern to the IT Security Manager
* Monitor all security systems for potential security breaches and recommend remedial actions to be taken
* Manage regular penetration tests (internal and external)
* Monitor the SIEM for issues arising
* Check compliance reports daily and get others to make appropriate updates
* Work with the Programme Manager on developing further compliance reports for regular review
* Verify Windows patches are applied by performing random checks
* Implement Nessus scanner with Cyber Essentials rules for internal systems to verify compliance levels
* Follow up on any phishing attacks or other security events to ensure proper process and documentation is followed
* Assist in putting together an Information Security Risk Assessment template and then conducting those for each of our systems.
* Follow up on penetration test results liaising with internal teams and external vendors to deliver required remediation
Essential requirements:
* Formal Information Security qualification (CISM, CISSP/CISA or equivalent)
* At least 3 years of experience in Information Security Management or IT Audit related role
* Understanding of ISO27001, Cyber Essentials, business continuity and compliance and audit frameworks
* Understanding of IT infrastructure, networking systems and information management systems
* Experienced in the selection and implementation of appropriate security controls
* Ability to produce clear written material for Senior Management
* Ability to communicate technical information in a clear and understandable manner to non-technical stakeholders
* Ability to direct, interact and effectively share technical issues with IT staff and end users
Desirable requirements:
* Familiar with the configuration and operation of Nessus
* Working within an ISO27001 or Cyber Essentials compliant environment
* Strong understanding of GDPR and PCI DSS
* Excellent analytical and problem-solving skills
* Experience establishing an ISMS and SIEM
Benefits:
* 28 days holiday
* 10% Co. Pension - no personal contrib needed
* Season Ticket Loan
* Cycle to Work Scheme
* Heavily subsidised Staff Canteen
* 36 Working Hour Week with a degree of flex
This is an amazing company to work for and they are looking for someone to start ASAP!
Feb 15, 2019
Gold Group Recruitment are seeking an Information Assurance Specialist to join our client’s internal IT Security Group. This opportunity is based in Surrey and is offering a salary of up to £63k per annum depending on experience.
The IT Security Group is the lead for all cyber security related activity within the company and its functions are split into two areas:
Governance, Accreditation and Compliance - providing security advice and guidance to the wider IT Department to support IT projects and change management and to the business with regard to accreditation, customer requests, service requests and general user queries
IT Security Operations - providing effective security monitoring, testing and analysis of the IT infrastructure
Responsibilities for the Information Assurance Specialist:
* Understand the different compliance frameworks required by the business (including, but not limited to, ISO 27001, MOD DAIS, Cyber Essentials, MOD Cyber Profiles, Australian DoD, etc)
* Engagement with the broader security industry and community to ensure the company is aware of current and future threats, and is aligned with industry best practice.
* Develop contacts with relevant IT Accreditors and key customer IT Security functions.
* Review and update of the adequacy and completeness of IT Security documentation against changing customer and regulatory requirements including defence, civil nuclear, commercial, and data protection, and in the light of emerging risks.
* Support the accreditation processes, working with internal and external stakeholders to acquire and maintain all required security certifications.
* Liaise with other governance process holders, both in the IT department and the wider business, to ensure security best practice is correctly included in applicable procedures.
* Creation and maintenance of the IT security standards and other documentation to enable delegation of day to day IT security tasks to the IT Operations Group.
* Provide advice and guidance to IT Department projects, reviews, change requests and development processes
* Provide advice and guidance to the wider business regarding customer requests, service requests and general user queries
* Manage 3rd party cyber security audit processes
* Undertake security audits across IT systems, applications, processes and projects.
* Keep current with the latest threats, vulnerabilities and developments in cyber security.
* Taking an active part in security incident response
* Taking an active part in the continuous improvement processes with the wider IT department to ensure that security improvements are completed
* Identification and analysis of vulnerabilities within the Company's IT infrastructure, prioritising them in the context of the business
* Ensuring the IT security tools and systems are implemented and upgraded in line with industry best practice or vendor recommendation, and ensuring all security systems remain fit for purpose.
* Maintain relationships with key IT security suppliers to ensure continued delivery of service
* Information Assurance
* Adhere to the Company Information Assurance Manual and Handbook of Security Procedures.
* Ensure that the appropriate levels of protection, storage and access control are applied to all information in the company’s possession.
* Adhere to the acceptable use policy for all company IT systems and resources to which they have been granted access.
* Ensure the physical security of the Company's premises when responsible for the locking up process.
Although individual specialists will have specific lead responsibilities, they will be expected to be able to take on any of the duties of the IT Security group when required, and hence are expected to have a range of skills from both categories below.
Skills, Knowledge and Experience required
* Developing IT security department processes and procedures
* Understanding and developing controls in line with ISO 27000, Cyber Essentials, CIS (SANS) cyber controls & CSA Cloud cyber controls
* Conducting, or participating in, internal and external audit processes
* Broad IT knowledge to be able to provide security input into a range of projects
* Understanding and analysing system vulnerabilities
* Identification of remediation activities, working alongside IT Operations and Infrastructure Groups
* Understanding attack vectors and exploitation of vulnerabilities
* Understand firewall, network and server logs
* Network traffic capture and analysis.
* Understand the features of modern security monitoring systems
* The ability to analyse events and reported incidents
The Information Assurance Specialist should have experience in the following types of security tools
* Vulnerability scanning and analysis
* Enterprise SIEMs
* Network and host Intrusion Detection Systems
* Endpoint security and monitoring solutions
* Digital Forensics & Incident Response (DFIR) tools
* Qualifications
* Relevant cyber security qualifications are desirable, but not obligatory. Candidates will be assessed on their experience and capability. Relevant qualifications include:
* 27000 Lead Implementer or Auditor
* CISSP
* SANS GCIA & GCIH
* Certified Ethical Hacker (CEH)
* CCSP
This advert was posted by Gold Group - one of the UK's leading niche recruitment consultancies. We span a variety of specialist industries and are the recruitment company to help you find your next career opportunity. We pride ourselves on our commitment to candidates and stick to our ethos of finding the right role for the right person. Visit our website or get in touch today to discuss this role, find out what else we've got or just for a chat about the state of your industry. Services advertised by Gold Group are those of an Agency and/or an Employment Business. Please be aware that we receive a high volume of applications for every role advertised and regularly receive applications from candidates who exceed the job credentials. We will only contact you within the next 14 days if you are selected for interview. A copy of our privacy policy can be found here: https://(url removed)/about-us/privacy-policy. Gold Group is an equal opportunity & diversity employer. A copy of our equal opportunity & diversity policy can be found here: https://(url removed)/about-us/equality-and-diversity-policy
Oct 29, 2018
Information Assurance Specialist – up to £70k – Leatherhead area
Our client is looking to expand their Information Assurance team and is keen to speak with Information Assurance Specialists for this key role within the IT Security Group, which is critical to the success of the company.
You will be providing security advice and guidance to the wider IT Department to support IT projects and change management, and to the business with regard to accreditation, customer requests, service requests and general user queries.
You’ll also be providing effective security monitoring, testing and analysis of the wider IT infrastructure.
Key skills and experience
• Understand the different compliance frameworks required by the business (including, but not limited to, ISO 27001, MOD DAIS, Cyber Essentials, MOD Cyber Profiles, etc.)
• Engagement with the broader security industry and community to ensure the business is aware of current and future threats and is aligned with industry best practice.
• Develop contacts with relevant IT Accreditors and key customer IT Security functions.
• Review and update of the adequacy and completeness of IT Security documentation against changing customer and regulatory requirements including defence, civil nuclear, commercial, and data protection, and in the light of emerging risks.
• Liaise with other governance process holders, both in the IT department and the wider business, to ensure security best practice is correctly included in applicable procedures.
• Creation and maintenance of the IT security standards and other documentation to enable delegation of day-to-day IT security tasks to the IT Operations Group.
• Provide advice and guidance to IT Department projects, reviews, change requests and development processes
Requirements
The Information Assurance Specialist will be familiar with the following:
• Developing IT security department processes and procedures
• Understanding and developing controls in line with ISO 27000, Cyber Essentials, CIS (SANS) cyber controls & CSA Cloud cyber controls
• Conducting, or participating in, internal and external audit processes
• Broad IT knowledge to be able to provide security input into a range of projects
The successful Information Assurance Specialist will require knowledge across the following:
• Understanding and analysing system vulnerabilities
• Identification of remediation activities, working alongside IT Operations and Infrastructure Groups
• Understanding attack vectors and exploitation of vulnerabilities
• Understand firewall, network and server logs
• Network traffic capture and analysis.
• Understand the features of modern security monitoring systems
• The ability to analyse events and reported incidents
Relevant cyber security qualifications are desirable, but not obligatory. Candidates will be assessed on their experience and capability. Relevant qualifications include:
• 27000 Lead Implementer or Auditor
• CISSP
• SANS GCIA & GCIH
• Certified Ethical Hacker (CEH)
• CCSP
People Source Consulting Ltd is acting as an Employment Agency in relation to this vacancy.
People Source specialise in technology recruitment across niche markets including Information Technology, Digital TV, Digital Marketing, Project and Programme Management, SAP, Digital and Consumer Electronics, Air Traffic Management, Management Consultancy, Business Intelligence, Manufacturing, Telecoms, Public Sector, Healthcare, Finance and Oil & Gas
Oct 29, 2018
IT Internal Auditor - Risk And Control (CISA or QICA)
Tyne & Wear
Circa £46,000 per annum + up to 15% bonus + competitive benefits
(Salary dependent upon qualifications and/or experience)
The Client:
Our client is a leading power distribution provider based in the North East and Yorkshire.
The Opportunity:
You will be joining our client’s internal audit section and will undertake a range of high profile internal audit assignments with a view to ensuring risks are understood and systems adequately controlled.
Key responsibilities may include, but are not limited to:
• Undertaking the planning of audits, including fact finding and determining the scope of the work.
• Carrying out assessment of the risks involved in the area under review and their significance to the company.
• Identifying and testing the controls that are designed to mitigate business risks.
• Completing work within agreed job budgets.
• Preparing draft and final audit reports.
• Presenting the results to management.
• Undertaking ad hoc assignments and special investigations where necessary.
• Helping management to solve operational problems.
• Monitoring, reviewing and developing systems particularly in relation to business processes.
The Individual:
It is beneficial that the successful candidate holds an appropriate Computer Audit qualification such as ISACA CISA, CISM, CRISC or QICA, along with proven experience of delivering internal audits, special investigations and consultancy reviews. It would be fantastic if the candidate holds an accountancy qualification (ACA, ACCA, CIMA or CIPFA) or has Sarbanes-Oxley experience; however, all suitable applications are welcome.
You must have excellent attention to detail and a proven commitment to carrying out audit work to the excellent standards our client has come to expect. This will include control/risk identification, high quality audit working papers, producing reports and recommending improvements from said audits.
You will be expected to work both independently and as part of a team, so excellent communication skills at all levels are essential in order to communicate the risks and implications associated with audit findings and to challenge management views where appropriate.
Full UK Driving Licence is required.
Jul 24, 2015
An experienced Internal Auditor with proven experience in Information Security, Compliance & IT Management standards, including ISO 27001, ISO 22301, SOC 2 / ISAE 3402, HIPAA, SOX and PCI DSS, is now urgently sought to join this multi-award-winning Software as a Service (SaaS) company! Reporting directly to the Director of Governance Risk & Compliance, as the Internal Auditor you will be responsible for the company’s Internal Audit, Certification & Attestation programme. This will entail assisting with the scoping, documentation, testing and gap analysis, working with external auditors and regulators. Other specific tasks and responsibilities will include, but not be limited to:
• Assisting with and executing the planning and performance of ISO 27001/2, ISO 27018, ISO 22301 and Service Organization Controls (SOC 2 Type 1/2), SOX, HIPAA, PCI and other audits / assessments required by regulation or as requested by customers.
• Developing project requirements, objectives, plans, schedules and tasks related to audit and compliance activities.
• Coordinating audit-related tasks to ensure the readiness of managers and their teams for audit testing and then facilitating the resolution of any audit findings.
• Facilitating compliance with the internal control standards via regular monitoring of related activities.
• Executing multiple security control validation programmes simultaneously with specific deadlines.
• Identifying areas where existing policies, standards and procedures require change.
• Supporting any additional internal and external compliance activity as required
This is a superb opportunity to join a genuine market leading tech company that is right at the very forefront of SaaS / Cloud services and continues to enjoy rapid expansion due to their ambitious growth plans.
The ideal candidate for this key role will be degree educated with a minimum of 3 - 5 years' practical experience in compliance, risk management or audit activities, with regulatory qualifications such as CRMA, CISA or CRISC. Specific recent experience of working for a Cloud Services / SaaS provider with responsibility for controls, risks and compliance requirements of regulated customers would be a definite advantage, and previous experience in a Financial Services, Credit Card, Banking, or Public Accounting firm may prove helpful. Boasting a dynamic and fast-paced (but well-structured) working environment that is built upon a great team culture, our client is offering a basic salary of up to £85K + Benefits.
Jul 24, 2015
IT Internal Auditor - Risk And Control (CISA or QICA)
Tyne & Wear
Circa £46,000 per annum + up to 15% bonus + competitive benefits
(Salary dependent upon qualifications and/or experience)
The Client:
Our client is a leading power distribution provider based in the North East and Yorkshire.
The Opportunity:
You will be joining our client’s internal audit section and will undertake a range of high profile internal audit assignments with a view to ensuring risks are understood and systems adequately controlled.
Key responsibilities may include, but are not limited to:
• Undertaking the planning of audits, including fact finding and determining the scope of the work.
• Carrying out assessment of the risks involved in the area under review and their significance to the company.
• Identifying and testing the controls that are designed to mitigate business risks.
• Completing work within agreed job budgets.
• Preparing draft and final audit reports.
• Presenting the results to management.
• Undertaking ad hoc assignments and special investigations where necessary.
• Helping management to solve operational problems.
• Monitoring, reviewing and developing systems particularly in relation to business processes.
The Individual:
It is beneficial that the successful candidate holds an appropriate Computer Audit qualification such as ISACA CISA, CISM, CRISC or QICA, along with proven experience of delivering internal audits, special investigations and consultancy reviews. It would be fantastic if the candidate holds an accountancy qualification (ACA, ACCA, CIMA or CIPFA) or has Sarbanes-Oxley experience; however, all suitable applications are welcome.
You must have excellent attention to detail and a proven commitment to carrying out audit work to the excellent standards our client has come to expect. This will include control/risk identification, high quality audit working papers, producing reports and recommending improvements from said audits.
You will be expected to work both independently and as part of a team, so excellent communication skills at all levels are essential in order to communicate the risks and implications associated with audit findings and to challenge management views where appropriate.
Full UK Driving Licence is required.
Jul 23, 2015
An experienced Internal Auditor with proven experience in Information Security, Compliance & IT Management standards, including ISO 27001, ISO 22301, SOC 2 / ISAE 3402, HIPAA, SOX and PCI DSS, is now urgently sought to join this multi-award-winning Software as a Service (SaaS) company! Reporting directly to the Director of Governance Risk & Compliance, as the Internal Auditor you will be responsible for the company’s Internal Audit, Certification & Attestation programme. This will entail assisting with the scoping, documentation, testing and gap analysis, working with external auditors and regulators. Other specific tasks and responsibilities will include, but not be limited to:
• Assisting with and executing the planning and performance of ISO 27001/2, ISO 27018, ISO 22301 and Service Organization Controls (SOC 2 Type 1/2), SOX, HIPAA, PCI and other audits / assessments required by regulation or as requested by customers.
• Developing project requirements, objectives, plans, schedules and tasks related to audit and compliance activities.
• Coordinating audit-related tasks to ensure the readiness of managers and their teams for audit testing and then facilitating the resolution of any audit findings.
• Facilitating compliance with the internal control standards via regular monitoring of related activities.
• Executing multiple security control validation programmes simultaneously with specific deadlines.
• Identifying areas where existing policies, standards and procedures require change.
• Supporting any additional internal and external compliance activity as required
This is a superb opportunity to join a genuine market leading tech company that is right at the very forefront of SaaS / Cloud services and continues to enjoy rapid expansion due to their ambitious growth plans.
The ideal candidate for this key role will be degree educated with a minimum of 3 - 5 years' practical experience in compliance, risk management or audit activities, with regulatory qualifications such as CRMA, CISA or CRISC. Specific recent experience of working for a Cloud Services / SaaS provider with responsibility for controls, risks and compliance requirements of regulated customers would be a definite advantage, and previous experience in a Financial Services, Credit Card, Banking, or Public Accounting firm may prove helpful. Boasting a dynamic and fast-paced (but well-structured) working environment that is built upon a great team culture, our client is offering a basic salary of up to £85K + Benefits.
Jul 23, 2015