Job description
Our client is looking for a Cyber Security Assurance Specialist who will be responsible for ensuring that the organisation's systems, applications, processes adhere to internal security standards, industry best practices and regulatory compliance requirements.
Key Responsibilities and Accountabilities:
- Assess security vulnerabilities to protect the organisation and mitigate risk to protect data and assets.
- Conduct security assessments, vulnerability assessments and audits of internal and our partner's external systems to evaluate risk, alignment and compliance with security policies, standards and frameworks (ISO 27001, NIST, CIS and internal policies etc.)
- Identify and analyse and prioritise cyber risk, develop risk mitigation strategies and ensure their implementation.
- Ensure compliance with all regulatory requirements (GDPR etc.) and internal and external partner security policies. Develop and update information security policies and procedures as require.
- Support of incident response investigating and remediating incidents. Provide post-incident reviews and make suggestions for improvements to CIO.
- Conduct security assessments of vendors, partners and third parties to ensure alignment.
- Assist in development of cyber security training and awareness programmes for employees ensuring alignment with the latest threats and security practices.
- Monitor emerging security threats and trends, ensuring security measures and strategies are continuously updated to reflect the latest in cyber security risks and best practices.
- Collaborate closely with internal teams as well as those of our external partners to integrate and align security measures and compliance and challenge when required.
- Ad hoc duties as required.
Essential Skills and Knowledge:
- Degree in Computer Science, Information Security or related field (or equivalent experience)
- Relevant certifications (CISSP, CISM, CISA, ISO27001 etc.)
- Demonstrable experience within a cyber security, security assurance role or related fields gained within a regulated environment (ideally insurance).
- Experience in conducting security risk assessments and audits.
- Strong understanding of regulatory compliance requirements including GDPR, SOX etc.)
Technical Skills
- Familiarity with vulnerability management tools
- Knowledge of Firewalls, Intrusion Detection Systems and Network Security Protocols
- Understanding of cloud security and related compliance requirements
- Experience with security incident management and investigations.
Soft Skills
- Excellent written and verbal communication skills with the ability to explain complex security issues to non-technical business stakeholders.
- Ability to build relationships with internal and external stakeholders and business partners working collaboratively.
- Strong analytical and problem-solving skills
- Ability to work independently and within a team.
- Attention to detail and ability to prioritise tasks.
What we offer:
- Pension contribution 5% or more by employee, 10% employer
- 28 Days Annual Leave
- Death in Service 4 x Salary
- Sick Pay
- Private Medical Insurance
GWV Talent Solutions Limited trading as Vermelo RPO acts as an employment agency for permanent recruitment and an employment business for the supply of temporary and contract workers. By applying for this job you accept the terms of our Privacy Policy and Terms of Service Agreement which can be found at www.vermelorpo.com