Our client is looking for a Cyber Security Assurance Specialist who will be responsible for ensuring that the organisation's systems, applications, and processes adhere to internal security standards, industry best practices, and regulatory compliance requirements.
Key Responsibilities and Accountabilities:
1. Assess security vulnerabilities to protect the organisation and mitigate risk to protect data and assets.
2. Conduct security assessments, vulnerability assessments, and audits of internal and external partner systems to evaluate risk, alignment, and compliance with security policies, standards, and frameworks (ISO 27001, NIST, CIS, and internal policies).
3. Identify, analyze, and prioritize cyber risk, develop risk mitigation strategies, and ensure their implementation.
4. Ensure compliance with all regulatory requirements (GDPR, etc.) and internal and external partner security policies. Develop and update information security policies and procedures as required.
5. Support incident response by investigating and remediating incidents. Provide post-incident reviews and make suggestions for improvements to the CIO.
6. Conduct security assessments of vendors, partners, and third parties to ensure alignment.
7. Assist in the development of cyber security training and awareness programs for employees, ensuring alignment with the latest threats and security practices.
8. Monitor emerging security threats and trends, ensuring security measures and strategies are continuously updated to reflect the latest in cyber security risks and best practices.
9. Collaborate closely with internal teams as well as those of our external partners to integrate and align security measures and compliance and challenge when required.
10. Ad hoc duties as required.
Essential Skills and Knowledge:
1. Degree in Computer Science, Information Security, or related field (or equivalent experience).
2. Relevant certifications (CISSP, CISM, CISA, ISO27001, etc.).
3. Demonstrable experience within a cyber security, security assurance role, or related fields gained within a regulated environment (ideally insurance).
4. Experience in conducting security risk assessments and audits.
5. Strong understanding of regulatory compliance requirements including GDPR, SOX, etc.
Technical Skills:
1. Familiarity with vulnerability management tools.
2. Knowledge of Firewalls, Intrusion Detection Systems, and Network Security Protocols.
3. Understanding of cloud security and related compliance requirements.
4. Experience with security incident management and investigations.
Soft Skills:
1. Excellent written and verbal communication skills with the ability to explain complex security issues to non-technical business stakeholders.
2. Ability to build relationships with internal and external stakeholders and business partners working collaboratively.
3. Strong analytical and problem-solving skills.
4. Ability to work independently and within a team.
5. Attention to detail and ability to prioritize tasks.
What we offer:
1. Pension contribution 5% or more by employee, 10% employer.
2. 28 Days Annual Leave.
3. Death in Service 4 x Salary.
4. Sick Pay.
5. Private Medical Insurance.
GWV Talent Solutions Limited trading as Vermelo RPO acts as an employment agency for permanent recruitment and an employment business for the supply of temporary and contract workers. By applying for this job you accept the terms of our Privacy Policy and Terms of Service Agreement.
#J-18808-Ljbffr