Our client is looking for a Cyber Security Assurance Specialist who will be responsible for ensuring that the organisation's systems, applications, and processes adhere to internal security standards, industry best practices, and regulatory compliance requirements.
Key Responsibilities and Accountabilities:
1. Assess security vulnerabilities to protect the organisation and mitigate risk to protect data and assets.
2. Conduct security assessments, vulnerability assessments, and audits of internal and our partner's external systems to evaluate risk, alignment, and compliance with security policies, standards, and frameworks (ISO 27001, NIST, CIS, and internal policies etc.).
3. Identify, analyse, and prioritise cyber risk, develop risk mitigation strategies, and ensure their implementation.
4. Ensure compliance with all regulatory requirements (GDPR etc.) and internal and external partner security policies. Develop and update information security policies and procedures as required.
5. Support incident response by investigating and remediating incidents. Provide post-incident reviews and make suggestions for improvements to the CIO.
6. Conduct security assessments of vendors, partners, and third parties to ensure alignment.
7. Assist in the development of cyber security training and awareness programmes for employees, ensuring alignment with the latest threats and security practices.
8. Monitor emerging security threats and trends, ensuring security measures and strategies are continuously updated to reflect the latest in cyber security risks and best practices.
9. Collaborate closely with internal teams as well as those of our external partners to integrate and align security measures and compliance and challenge when required.
10. Ad hoc duties as required.
Essential Skills and Knowledge:
1. Degree in Computer Science, Information Security, or related field (or equivalent experience).
2. Relevant certifications (CISSP, CISM, CISA, ISO27001 etc.).
3. Demonstrable experience within a cyber security, security assurance role, or related fields gained within a regulated environment (ideally insurance).
4. Experience in conducting security risk assessments and audits.
5. Strong understanding of regulatory compliance requirements including GDPR, SOX etc.
Technical Skills:
1. Familiarity with vulnerability management tools.
2. Knowledge of Firewalls, Intrusion Detection Systems, and Network Security Protocols.
3. Understanding of cloud security and related compliance requirements.
4. Experience with security incident management and investigations.
Soft Skills:
1. Excellent written and verbal communication skills with the ability to explain complex security issues to non-technical business stakeholders.
2. Ability to build relationships with internal and external stakeholders and business partners while working collaboratively.
3. Strong analytical and problem-solving skills.
4. Ability to work independently and within a team.
5. Attention to detail and ability to prioritise tasks.
What we offer:
1. Pension contribution 5% or more by employee, 10% employer.
2. 28 Days Annual Leave.
3. Death in Service 4 x Salary.
4. Sick Pay.
5. Private Medical Insurance.
#J-18808-Ljbffr