We are looking for a Cyber Security Assurance Specialist who will be responsible for ensuring that the organisation’s systems, applications, processes adhere to internal security standards, industry best practices and regulatory compliance requirements.
Key Responsibilities and Accountabilities:
Assess security vulnerabilities to protect the organisation and mitigate risk to protect data and assets.
Conduct security assessments, vulnerability assessments and audits of internal and our partner’s external systems to evaluate risk, alignment and compliance with security policies, standards and frameworks (ISO 27001, NIST, CIS and internal policies etc.)
Identify and analyse and prioritise cyber risk, develop risk mitigation strategies and ensure their implementation.
Ensure compliance with all regulatory requirements (GDPR etc.) and internal and external partner security policies. Develop and update information security policies and procedures as require.
Support of incident response investigating and remediating incidents. Provide post-incident reviews and make suggestions for improvements to CIO.
Conduct security assessments of vendors, partners and third parties to ensure alignment.
Assist in development of cyber security training and awareness programmes for employees ensuring alignment with the latest threats and security practices.
Monitor emerging security threats and trends, ensuring security measures and strategies are continuously updated to reflect the latest in cyber security risks and best practices.
Collaborate closely with internal teams as well as those of our external partners to integrate and align security measures and compliance and challenge when required.
Ad hoc duties as required.
Essential Skills and Knowledge:
Degree in Computer Science, Information Security or related field (or equivalent experience)
Relevant certifications (CISSP, CISM, CISA, ISO27001 etc.)
Demonstrable experience within a cyber security, security assurance role or related fields gained within a regulated environment (ideally insurance).
Experience in conducting security risk assessments and audits.
Strong understanding of regulatory compliance requirements including GDPR, SOX etc.)
Technical Skills
Familiarity with vulnerability management tools
Knowledge of Firewalls, Intrusion Detection Systems and Network Security Protocols
Understanding of cloud security and related compliance requirements
Experience with security incident management and investigations.
Soft Skills
Excellent written and verbal communication skills with the ability to explain complex security issues to non-technical business stakeholders.
Ability to build relationships with internal and external stakeholders and business partners working collaboratively.
Strong analytical and problem-solving skills
Ability to work independently and within a team.
Attention to detail and ability to prioritise tasks.
Who we are:
Here at Tradex we a leading Motor Trade Insurer with over 50 years of experience, covering everything from the new business venture to the established business. We pride ourselves on our flexible approach to unique risks. This allows us to provide cover for even the most unusual of businesses.
What we offer:
Pension contribution 5% or more by employee, 10% employer
28 Days Annual Leave
Death in Service 4 x Salary
Sick Pay
Private Medical Insurance