ISO/IEC 27005 Jobs in England

10 of 10 ISO/IEC 27005 Jobs in England

Chief Information Security Officer

London, United Kingdom
Hybrid / WFH Options
Sopra Steria Group
and recovery efforts, and conduct regular security risk assessments and audits. What you'll bring: Proven experience in a similar senior information security role/s, preferably with experience of working in organisations providing technology outsourcing services to large public and private sector organisations. Strong knowledge of information security … and risk management frameworks or standards, such as ISO/IEC 27001, ISO/IEC 27005, NIST Cyber Security Framework, CIS, NCSC Cyber Assessment Framework, Ministry of Defence Joint Service Publications, Secure by Design and Privacy by Design … we'd love to hear from you! Although this role is advertised as full-time, we believe that flexibility at work can promote work/life balance, increase your motivation, reduce stress and improve performance and productivity. We support different ways of working and can offer a range of …
Employment Type: Permanent
Salary: GBP Annual

Information Security Compliance Analyst

Hertfordshire, England, United Kingdom
Cpl Life Sciences
the EMEA EIT department to all relevant legislation and regulations, including but not limited to Health and Safety, Financial and Privacy laws. Main duties/responsibilities: Conduct information security, information system, and compliance-based risk assessments, evaluate responses and recommend risk treatment actions Develop and execute risk mitigation plans … in conjunction with relevant internal and external stakeholders/groups and to agreed timescales, following through to completion Support the creation, implementation and maintenance of information security policies and standards, in accordance with ISO 27001 and other relevant frameworks and standards (NIST CSF, IEC 62443, CIS … relevant Support information security and compliance audits conducted in the department Qualifications and Experience required: Degree level qualified or equivalent - highly desirable. CISM and/or CRISC or other relevant certification is highly desirable ISO 27001:2022 Lead Implementer/Auditor certification is essential. Demonstrable experience …

Senior or Principal Cyber Security Engineer

Birmingham, Staffordshire, United Kingdom
Hybrid / WFH Options
SYSTRA
strong leadership and interpersonal skills combined with commercial awareness and the ability to play their part in growing a dynamic high-performance team. Missions / Main Duties Supporting the Lead Cyber Security Engineer you will deliver cyber security solutions, to our rail & infrastructure clients, on projects from Concept phase … technical documents and reports and assist in the preparation of expressions of interest and tenders. Effective and clear communication to project related correspondence. Profile / Skills BSc in Cybersecurity, BSc in Computer Science, BSc in Computer Science Engineering or similar. Experience in OT cyber security and cyber security risk … management. Ability to independently define and manage cyber security strategy/planning and establish the OT cyber security governance. Experience in Threat Identification and Cyber Security Risk Management (Analysis and Assessment) for complex systems. Working knowledge with the major OT cyber security standards (including IEC 62443 series …
Employment Type: Permanent
Salary: GBP Annual

Product Security Engineer

Gloucestershire, United Kingdom
Hybrid / WFH Options
SSR General & Management
by-design principles. Conduct threat modelling exercises to identify and mitigate potential risks. Ensure compliance with security regulations such as ISO27001, NIST 800-30/37/53, JSP 440, 604, and Defence Standards. Develop and maintain security documentation (e.g., RMADS, Security Assurance Documents, Security Management Plans). … assessments, and remediation activities. The Person Key Skills & Experience: Strong knowledge of risk management frameworks and methodologies (ISO 27001/2, ISO27005/31000, NIST 800-30, NIST 800-53). Experience with defence and government security standards (JSPs, Def Stan 05-138 / …
Employment Type: Permanent
Salary: GBP 60,000 Annual

Product Security Engineer

Bristol, Kendleshire, Gloucestershire, United Kingdom
Hybrid / WFH Options
SSR General & Management
by-design principles. Conduct threat modelling exercises to identify and mitigate potential risks. Ensure compliance with security regulations such as ISO27001, NIST 800-30/37/53, JSP 440, 604, and Defence Standards. Develop and maintain security documentation (e.g., RMADS, Security Assurance Documents, Security Management Plans). … assessments, and remediation activities. The Person Key Skills & Experience: Strong knowledge of risk management frameworks and methodologies (ISO 27001/2, ISO27005/31000, NIST 800-30, NIST 800-53). Experience with defence and government security standards (JSPs, Def Stan 05-138 / …
Employment Type: Permanent
Salary: GBP 60,000 Annual

Lead Security Engineer

Luton, Bedfordshire, United Kingdom
Hybrid / WFH Options
hackajob
resilience controls to embedded systems. It would be desirable, but not essential, if you also had one or more of: Practical experience of ISO27001/27004/27005 or NIST Risk Management Framework (RMF); Knowledge of UK/NATO Information Assurance/Accreditation frameworks … Knowledge of EASA/FAA Airworthiness Certification frameworks; Awareness of current crypto technologies, Key Management Systems & practical COMSEC; Chartered Engineer status with a recognised body; Awarded or looking to achieve an NCSC Certified Cyber Professional (CCP) recognition; Awareness of Information Security (INFOSEC), Communications Security (COMSEC), Transmission Security (TRANSEC), Product … Safety and their inter-relationship; Experience of producing and delivering training/awareness material within a corporate environment; Familiarity with incident investigation and implementation of an investigation process such as used by the Air Accidents Investigation Branch (AAIB). Why Leonardo? The business, primarily based in Luton, has a …
Employment Type: Permanent
Salary: GBP Annual

Information Security Compliance Officer

London, United Kingdom
Guavapay Limited
Highly Valued) CISSP (Certified Information Systems Security Professional) CISM (Certified Information Security Manager) CISA (Certified Information Systems Auditor) ISO 27001 Lead Auditor/Implementer CRISC (Certified in Risk and Information Systems Control) GDPR Certification (e.g., IAPP CIPP/E, CIPM for data protection compliance) Experience Requirements … years of experience in Information Security, Compliance, or IT Risk Management. Experience with regulatory frameworks in UK & EU: GDPR (General Data Protection Regulation) ISO 27001 (Information Security Management Systems) Cyber Essentials Plus (UK government-backed security framework) DORA (Digital Operational Resilience Act) - EU financial sector PCI-DSS (if … understanding of data protection laws (UK GDPR, EU GDPR, DPA 2018). Familiarity with risk management frameworks like NIST CSF, CIS Controls, and ISO 27005. Experience with cyber security tools (e.g., SIEM, Malware Protection, Firewalls and others) is a plus. Strong reporting and communication skills …
Employment Type: Permanent
Salary: GBP Annual

Senior Project Manager

Leeds, England, United Kingdom
TalentHawk
Conduct risk assessments and update treatment plans in line with CIO scope. Perform audits in line with the Security Controls Framework (SCF) and ISO standards. Review and update Information Security Management System (ISMS) documentation and approved supplier status. Prepare for and facilitate CIO audits, liaising with auditing teams … skills with a proven track record of identifying and resolving issues quickly. Desirable experience in environmental safety and operational management support. Knowledge of ISO27001/27005 standards and the Security Controls Framework (desirable). Experience in delivering training and familiarisation sessions related to ISMS and CIO compliance …

Senior Security Risk Manager

Manchester, Lancashire, United Kingdom
Hybrid / WFH Options
TalkTalk Telecom Group PLC
view of risks. Therefore, facilitating the business to make risk-based decisions. Reporting directly into the Lead Security Risk Manager, with no direct reports/people management duties. About the Role The Senior Security Risk Manager would work with various teams within PlatformX to facilitate and be responsible for … decisions for clarity of prioritisation and investment. What you will be working on Responsible to identify and manage security risks relating to internal systems/applications and external/suppliers. Manage risk moderation exercises and influencing decisions by delivering substantiated recommendations. Responsible to conduct and maintain security risk … knowledge and experience in security, with demonstrable experience in security risk management. Excellent knowledge in security risk frameworks and best practices such as ISO27001, ISO27005, SOC2, NIST. CISSP, CISM and/or CRISC desirable. Desirable: Telecoms experience advantageous. How we look after our employees Our brand new "PXC Flex …
Employment Type: Permanent
Salary: GBP Annual

Security Risk Lead

Cambridge, Cambridgeshire, United Kingdom
Hybrid / WFH Options
TieTalent
Cambridge University Press & Assessment (CUPA) Location: Cambridge / Hybrid with 2 days a week minimum in the office Contract: Permanent Join our organisation as a Security Risk Lead. Utilise your expertise and drive to safeguard operations in this impactful role. We are Cambridge University Press & Assessment, a world-leading … the organisation in industry forums. About you We are looking for someone with extensive knowledge of security risk management frameworks and methodologies (e.g., ISO 31000, 27001, 27005) and regulatory requirements in the industry. The ideal candidate will have a relevant degree in Risk Management, Finance, Business … regardless of demographic characteristics (age, disability, educational attainment, ethnicity, gender, marital status, neurodiversity, religion, sex, gender identity and sexual identity), cultural, or social class/background. We believe better outcomes come through diversity of thought, background and approach. We welcome applications from people from all backgrounds and communities, actively …
Employment Type: Permanent
Salary: GBP Annual

ISO/IEC 27005, England
10th Percentile: £60,100
25th Percentile: £61,000
Median: £65,000
75th Percentile: £67,500