Information Security Analyst 60,000 - 70,000 per annum Full time - City - Hybrid Sponsorship is not available for this opportunity Is this the Information Security Analyst role for you? Crone Corkill are partnered with a very well respected organisation in the Legal sector as they look to add a new member to the Information Security team. Partnering with the Information Security Manager, you'll ensure the business aligns to ISO27001, conduct audits related to ISO27001 & NIST, generate InfoSec dashboards & metrics, as well as handle the onboarding of new suppliers. Due to the small size of the team, you'll often be required to work independently and assist with a variety of InfoSec related tasks. What will you do as an Information Security Analyst? Onboard suppliers and perform risk assessments, third party questionnaires, due diligence, gap analysis and make suggestions accordingly Ensure Security best practice is followed and ISO27001 compliance is met Generate metrics/dashboard for management reviews Assist in overseeing the ISMS from a GRC perspective Provide Information Security awareness training to tech & non-tech teams Plan audits, risk assessments and control implementations related to ISO27001 Provide a sound understanding of Cloud Security & Cloud Infrastructure principles/controls Assist the SecOps team with incident handling, response and escalations, as well as ensuring processes are documented in line with ISO27001 Manage technical risks via vulnerability management oversight & gap analysis, whilst also overseeing DLP alerts and creating reports What skills do you need as an Information Security Analyst? ISO27001 NIST Supplier onboarding Generating metrics & dashboards The ability to work independently Good knowledge of Cloud Security (open on platform) Experience in the Legal or Professional Service sectors (advantageous) Relevant InfoSec/Cyber certifications (very advantageous) What's in it for you? In return, you'll have the opportunity to work with a diverse group of colleagues, with inclusion at the forefront of their working culture. Though working in a small team, the business are dedicated to providing the training and development needed for you to be successful within the role - Whilst also giving you the chance to be deeply involved in a range of upcoming projects.
Apr 26, 2024
Full time
Information Security Analyst 60,000 - 70,000 per annum Full time - City - Hybrid Sponsorship is not available for this opportunity Is this the Information Security Analyst role for you? Crone Corkill are partnered with a very well respected organisation in the Legal sector as they look to add a new member to the Information Security team. Partnering with the Information Security Manager, you'll ensure the business aligns to ISO27001, conduct audits related to ISO27001 & NIST, generate InfoSec dashboards & metrics, as well as handle the onboarding of new suppliers. Due to the small size of the team, you'll often be required to work independently and assist with a variety of InfoSec related tasks. What will you do as an Information Security Analyst? Onboard suppliers and perform risk assessments, third party questionnaires, due diligence, gap analysis and make suggestions accordingly Ensure Security best practice is followed and ISO27001 compliance is met Generate metrics/dashboard for management reviews Assist in overseeing the ISMS from a GRC perspective Provide Information Security awareness training to tech & non-tech teams Plan audits, risk assessments and control implementations related to ISO27001 Provide a sound understanding of Cloud Security & Cloud Infrastructure principles/controls Assist the SecOps team with incident handling, response and escalations, as well as ensuring processes are documented in line with ISO27001 Manage technical risks via vulnerability management oversight & gap analysis, whilst also overseeing DLP alerts and creating reports What skills do you need as an Information Security Analyst? ISO27001 NIST Supplier onboarding Generating metrics & dashboards The ability to work independently Good knowledge of Cloud Security (open on platform) Experience in the Legal or Professional Service sectors (advantageous) Relevant InfoSec/Cyber certifications (very advantageous) What's in it for you? In return, you'll have the opportunity to work with a diverse group of colleagues, with inclusion at the forefront of their working culture. Though working in a small team, the business are dedicated to providing the training and development needed for you to be successful within the role - Whilst also giving you the chance to be deeply involved in a range of upcoming projects.
GRC Analyst (InfoSec ISO 27001) Sunderland / WFH to £40k Are you a tech savvy GRC Analyst looking to progress your career? You could be joining a successful and growing online gaming / gambling site as they expand their European presence. As a GRC Analyst you will help to build on the existing technology group governance, risk and compliance capabilities as part of the wider Information Security programme with the ultimate aim of protecting customers and the business alike from cyber security attacks. You'll maintain and continuously improve ISO 27001 / 2 policies, standards and procedures; collaborate across teams to drive adoption and adherence to InfoSec policy and guidelines and contribute to the continuous improvement and tactical strategic roadmaps to ensure that all technology platforms meet compliance. There are a broad range of responsibilities and challenges, you'll be collaborating in advisory role where you'll build expertise. WFH Policy: There's a hybrid work from home policy with 2-3 days a week; when you're in the office you'll be collaborating with accomplished colleagues in awesome custom built offices in Sunderland with a range of facilities and perks including three, free meals a days at the onsite restaurant as well as membership at onsite gym. Requirements: You have experience of analysing security and technical compliance requirements, including performing risk assessments and designing risk treatment plans You have a strong knowledge of security and technology compliance regulations, ideally within betting although could be other industry e.g., finance You have a good understanding of governance standards and frameworks e.g., ISO 27001 / 2, PCI-DSS, NIST, ISF, GDPR You have good commercial awareness and experience of delivery security awareness within a large scale organisation You have excellent communication, collaboration and stakeholder engagement skills Salary & benefits: As a GRC Analyst you will earn a competitive salary (to £40k) plus benefits including: Bonus Pension Private medical care And a range of other perks and benefits Apply now to find out more about this GRC Analyst opportunity. At Client Server we believe in a diverse workplace that allows people to play to their strengths and continually learn. We're an equal opportunities employer whose people come from all walks of life and will never discriminate based on race, colour, religion, sex, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. The clients we work with share our values.
Apr 23, 2024
Full time
GRC Analyst (InfoSec ISO 27001) Sunderland / WFH to £40k Are you a tech savvy GRC Analyst looking to progress your career? You could be joining a successful and growing online gaming / gambling site as they expand their European presence. As a GRC Analyst you will help to build on the existing technology group governance, risk and compliance capabilities as part of the wider Information Security programme with the ultimate aim of protecting customers and the business alike from cyber security attacks. You'll maintain and continuously improve ISO 27001 / 2 policies, standards and procedures; collaborate across teams to drive adoption and adherence to InfoSec policy and guidelines and contribute to the continuous improvement and tactical strategic roadmaps to ensure that all technology platforms meet compliance. There are a broad range of responsibilities and challenges, you'll be collaborating in advisory role where you'll build expertise. WFH Policy: There's a hybrid work from home policy with 2-3 days a week; when you're in the office you'll be collaborating with accomplished colleagues in awesome custom built offices in Sunderland with a range of facilities and perks including three, free meals a days at the onsite restaurant as well as membership at onsite gym. Requirements: You have experience of analysing security and technical compliance requirements, including performing risk assessments and designing risk treatment plans You have a strong knowledge of security and technology compliance regulations, ideally within betting although could be other industry e.g., finance You have a good understanding of governance standards and frameworks e.g., ISO 27001 / 2, PCI-DSS, NIST, ISF, GDPR You have good commercial awareness and experience of delivery security awareness within a large scale organisation You have excellent communication, collaboration and stakeholder engagement skills Salary & benefits: As a GRC Analyst you will earn a competitive salary (to £40k) plus benefits including: Bonus Pension Private medical care And a range of other perks and benefits Apply now to find out more about this GRC Analyst opportunity. At Client Server we believe in a diverse workplace that allows people to play to their strengths and continually learn. We're an equal opportunities employer whose people come from all walks of life and will never discriminate based on race, colour, religion, sex, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. The clients we work with share our values.
Job Title: Governance, Risk, Compliance (GRC) Information Security Analyst Salary: Up to £85,000 + Great bonus and benefits package Hybrid Model: 2 days per week in Central London, 3 days remote Office Location: Liverpool Street area About the Client and the Role: My client, a highly prestigious, globally renowned name in financial services is seeking an experienced GRC Analyst to provide analysis of existing and constantly progressing security systems. Responsibilities and Areas of Focus: BAU activities supporting GRC and Information Security Driving risk capture, analysis and reporting Audit oversight ie understanding audit scope and controls being assessed, the resulting Findings and overseeing remediation effort. Detailed auditing and documentation of security projects Analysis and reporting of information security Managing complex data sets and creating detailed reports Presenting/Reporting to key stakeholders (both written and verbal) Risk management frameworks and assessing technology risk. Candidate Experience/Knowledge: Professional background in Information Security Analysis Experience in financial environments Outstanding communication skills (verbal & written) Experience with stakeholders Demonstrable experience auditing and documenting complex information security projects Experience working with Regulatory bodies eg FCA, BoE Knowledge of technology within a financial/trading environment
Aug 17, 2023
Full time
Job Title: Governance, Risk, Compliance (GRC) Information Security Analyst Salary: Up to £85,000 + Great bonus and benefits package Hybrid Model: 2 days per week in Central London, 3 days remote Office Location: Liverpool Street area About the Client and the Role: My client, a highly prestigious, globally renowned name in financial services is seeking an experienced GRC Analyst to provide analysis of existing and constantly progressing security systems. Responsibilities and Areas of Focus: BAU activities supporting GRC and Information Security Driving risk capture, analysis and reporting Audit oversight ie understanding audit scope and controls being assessed, the resulting Findings and overseeing remediation effort. Detailed auditing and documentation of security projects Analysis and reporting of information security Managing complex data sets and creating detailed reports Presenting/Reporting to key stakeholders (both written and verbal) Risk management frameworks and assessing technology risk. Candidate Experience/Knowledge: Professional background in Information Security Analysis Experience in financial environments Outstanding communication skills (verbal & written) Experience with stakeholders Demonstrable experience auditing and documenting complex information security projects Experience working with Regulatory bodies eg FCA, BoE Knowledge of technology within a financial/trading environment
Senior Information Security Analyst (ISO27001/GRC) The successful candidate will report to the Information Security Manager and will work with the business and the wider information security team to ensure the appropriate controls, policies and procedures are in place to protect the information of the organisation in-line with internal information security principles (ie ISO27001 and CE+) as well as regulatory legislation. Responsibilities: - Develop and implement information security policies, standards and documentation ensuring compliance with all applicable legal or regulatory legislation - Work as an Information Security Auditor to define, maintain and implement an audit framework and schedule in compliance with security polices and standards - Maintain certification to ISO27001 and Cyber Essentials Plus against a backdrop of evolving regulations, technology and processes - Maintain the cyber incident management process and develop the appropriate document repositories, policy documents, operational schedules and processes Required Skills/Experience: - Experience of operating in a similar role within the framework of and adhering to requirements of ISO27001 and Cyber Essentials Plus or similar standards - Experience in preparing documentation and guidance for others - Experience of aligning technology solutions with best practice and IT security policies and guidelines - Experience in related supplier management, with vendors and resellers - Knowledge of Azure, encryption key management and cloud-based services such as M365 Senior Information Security Analyst (ISO27001/GRC) In accordance with the Employment Agencies and Employment Businesses Regulations 2003, this position is advertised based upon DGH Recruitment Limited having first sought approval of its client to find candidates for this position. DGH Recruitment Limited acts as both an Employment Agency and Employment Business
Feb 03, 2022
Full time
Senior Information Security Analyst (ISO27001/GRC) The successful candidate will report to the Information Security Manager and will work with the business and the wider information security team to ensure the appropriate controls, policies and procedures are in place to protect the information of the organisation in-line with internal information security principles (ie ISO27001 and CE+) as well as regulatory legislation. Responsibilities: - Develop and implement information security policies, standards and documentation ensuring compliance with all applicable legal or regulatory legislation - Work as an Information Security Auditor to define, maintain and implement an audit framework and schedule in compliance with security polices and standards - Maintain certification to ISO27001 and Cyber Essentials Plus against a backdrop of evolving regulations, technology and processes - Maintain the cyber incident management process and develop the appropriate document repositories, policy documents, operational schedules and processes Required Skills/Experience: - Experience of operating in a similar role within the framework of and adhering to requirements of ISO27001 and Cyber Essentials Plus or similar standards - Experience in preparing documentation and guidance for others - Experience of aligning technology solutions with best practice and IT security policies and guidelines - Experience in related supplier management, with vendors and resellers - Knowledge of Azure, encryption key management and cloud-based services such as M365 Senior Information Security Analyst (ISO27001/GRC) In accordance with the Employment Agencies and Employment Businesses Regulations 2003, this position is advertised based upon DGH Recruitment Limited having first sought approval of its client to find candidates for this position. DGH Recruitment Limited acts as both an Employment Agency and Employment Business
Title: Security Metrics and Data Reporting Analyst Rate 569.29 Per Day, Via Umbrella, Inside IR35 Location: Brentford Number of Position: 2 LOA: Initially 6 months We are currently seeking a Security Metrics and Data Reporting Analyst to join our Cyber Risk Assurance Team. Security Metrics and Data Reporting Analyst will be responsible for implementing Power BI tools and developing techniques along with integration of GRC Tools for measuring and reporting technical performance metrics as well developing and running reports on regular schedules. Other responsibilities include maintaining of performance metrics, collecting, validating, interpreting, and organizing various types of data into meaningful reports and/or summaries for designated audiences.
Jan 10, 2022
Contractor
Title: Security Metrics and Data Reporting Analyst Rate 569.29 Per Day, Via Umbrella, Inside IR35 Location: Brentford Number of Position: 2 LOA: Initially 6 months We are currently seeking a Security Metrics and Data Reporting Analyst to join our Cyber Risk Assurance Team. Security Metrics and Data Reporting Analyst will be responsible for implementing Power BI tools and developing techniques along with integration of GRC Tools for measuring and reporting technical performance metrics as well developing and running reports on regular schedules. Other responsibilities include maintaining of performance metrics, collecting, validating, interpreting, and organizing various types of data into meaningful reports and/or summaries for designated audiences.
SAP Security Analyst Salary- circa £45,000 depending upon skills and experience? Location: Lincoln / Huntingdon Permanent - full time (37 hours per week) Anglian water uses SAP as its core central ERP system. It holds critical data relating to finance, assets, customers and business processes. It is the heart of our IT business landscape and underpins the business operations. Protecting this data from fraud, cyber-attack and misuse is a top priority for the business. The availability and integrity of information is vital to our water operations, as well as our customer and support services.? What will you be doing?? The purpose of this role is to ensure that the risk of fraud and misuse of data held in SAP is minimised and is managed appropriately through the design, build and provisioning of appropriate access that fully meets the needs of our customers. You will work with outsourced IT specialists, project teams and AW business managers to?analyse & understand the risks associated?with their area of the business then design and develop SAP Security authorisation concepts based on SAP best practice and business policies. Review project/change documents. Analyse & understand the risks associated with application security exposures and provide solutions to eliminate or reduce these exposures.?Ensure projects deliver solutions that will fit into the business-as-usual process without adding more risk? Liaise with?internal/external?auditors?to provide necessary information during audits.? This role would also be expected to work on the continuous improvement of SAP security support processes. Key responsibilities include:? Perform a review all access requests to identify risks and feed back to the training team scheduler or requestors when these requests will give users risks that are not currently controlled Ensure correct approvals are provided before access is provisioned and ensure these are kept as evidence for internal and external auditors on the User Provisioning Process. Provide expert advice to SAP training team, business managers and projects around SAP Security user provisioning processes to ensure that security risks are reduced. Provisioning SAP access for business users after completion of training Provide least risk access to our 3rd party partners to ensure risks are kept to a minimum, working with them to provide the correct access for projects and system refreshes etc Administrator for all the SAP systems in Anglian Water's landscape, ensuring that the correct access is provided according to the system and the data contained in each Responsible for the CUA (Central User Administrator) system, this system enables efficient account creation and password resets to all the connected SAP systems . What do you need? Experience in a similar role is preferred Experience of ECC 6, SAP Gateway, Fiori, S4 Hana, Portals, CUA, GRC SAP ADM900 - SAP System Security Fundamentals SAP ADM920 - SAP Identity Management SAP ADM940 - AS ABAP - Authorisation Concept SAPEPE - Fundamentals' (Portal) WCHGRC Overview SAP GRC Ideally would have experience of the following technology:? Service Now?or other on-line service desk systems? Microsoft applications?Excel, Word?or?Access databases? With the above experience in line with our Company Behaviours, we'll need you to 'Build Trust' with those you will work with, 'Do the Right Thing'. What benefits do we offer?? Being a successful water company doesn't come easy! Our people are important to us and we want to make sure that we reward and recognise?all of?the great work that they do. Some of our benefits include:? Bonus scheme? Private health care? Competitive pension scheme? 26 days annual leave rising with length of service? Flexible benefits to support your wellbeing? Flexible working (dependent on your role)? Plus?lots more!? We are passionate and committed to the learning and development of our people making sure they have the right skills and knowledge to be successful and to help achieve their potential. We also take Health and Safety very seriously in everything that we do.? If you are offered a job with us, you'll be subject to the relevant/standard employment checks, including: your right to work in the UK, reference, driving licence and identity check. Depending on your role, you may also be subject to further pre-employment checks.? Working Location The challenges of the pandemic have allowed us to accelerate our AMP7 plans to adopt a more agile workforce. We recognise that work has become a thing we do, rather than a place we go so we're open to remote working as part of the team so don't feel this is a barrier to applying. That said, we'd like you to be comfortable in travelling into our main campus sites at either Lincoln or Huntingdon on occasion.? Closing date: 27/10/2021
Nov 04, 2021
Full time
SAP Security Analyst Salary- circa £45,000 depending upon skills and experience? Location: Lincoln / Huntingdon Permanent - full time (37 hours per week) Anglian water uses SAP as its core central ERP system. It holds critical data relating to finance, assets, customers and business processes. It is the heart of our IT business landscape and underpins the business operations. Protecting this data from fraud, cyber-attack and misuse is a top priority for the business. The availability and integrity of information is vital to our water operations, as well as our customer and support services.? What will you be doing?? The purpose of this role is to ensure that the risk of fraud and misuse of data held in SAP is minimised and is managed appropriately through the design, build and provisioning of appropriate access that fully meets the needs of our customers. You will work with outsourced IT specialists, project teams and AW business managers to?analyse & understand the risks associated?with their area of the business then design and develop SAP Security authorisation concepts based on SAP best practice and business policies. Review project/change documents. Analyse & understand the risks associated with application security exposures and provide solutions to eliminate or reduce these exposures.?Ensure projects deliver solutions that will fit into the business-as-usual process without adding more risk? Liaise with?internal/external?auditors?to provide necessary information during audits.? This role would also be expected to work on the continuous improvement of SAP security support processes. Key responsibilities include:? Perform a review all access requests to identify risks and feed back to the training team scheduler or requestors when these requests will give users risks that are not currently controlled Ensure correct approvals are provided before access is provisioned and ensure these are kept as evidence for internal and external auditors on the User Provisioning Process. Provide expert advice to SAP training team, business managers and projects around SAP Security user provisioning processes to ensure that security risks are reduced. Provisioning SAP access for business users after completion of training Provide least risk access to our 3rd party partners to ensure risks are kept to a minimum, working with them to provide the correct access for projects and system refreshes etc Administrator for all the SAP systems in Anglian Water's landscape, ensuring that the correct access is provided according to the system and the data contained in each Responsible for the CUA (Central User Administrator) system, this system enables efficient account creation and password resets to all the connected SAP systems . What do you need? Experience in a similar role is preferred Experience of ECC 6, SAP Gateway, Fiori, S4 Hana, Portals, CUA, GRC SAP ADM900 - SAP System Security Fundamentals SAP ADM920 - SAP Identity Management SAP ADM940 - AS ABAP - Authorisation Concept SAPEPE - Fundamentals' (Portal) WCHGRC Overview SAP GRC Ideally would have experience of the following technology:? Service Now?or other on-line service desk systems? Microsoft applications?Excel, Word?or?Access databases? With the above experience in line with our Company Behaviours, we'll need you to 'Build Trust' with those you will work with, 'Do the Right Thing'. What benefits do we offer?? Being a successful water company doesn't come easy! Our people are important to us and we want to make sure that we reward and recognise?all of?the great work that they do. Some of our benefits include:? Bonus scheme? Private health care? Competitive pension scheme? 26 days annual leave rising with length of service? Flexible benefits to support your wellbeing? Flexible working (dependent on your role)? Plus?lots more!? We are passionate and committed to the learning and development of our people making sure they have the right skills and knowledge to be successful and to help achieve their potential. We also take Health and Safety very seriously in everything that we do.? If you are offered a job with us, you'll be subject to the relevant/standard employment checks, including: your right to work in the UK, reference, driving licence and identity check. Depending on your role, you may also be subject to further pre-employment checks.? Working Location The challenges of the pandemic have allowed us to accelerate our AMP7 plans to adopt a more agile workforce. We recognise that work has become a thing we do, rather than a place we go so we're open to remote working as part of the team so don't feel this is a barrier to applying. That said, we'd like you to be comfortable in travelling into our main campus sites at either Lincoln or Huntingdon on occasion.? Closing date: 27/10/2021
Security Analyst required to work for a Government department. This is an initial 12-month contract, paying £560 a day, inside IR35, hybrid working with at least 2 days a week in the London based office. Key Responsibilities: *Advice and support Business Managers, Senior Risk Owners and the Executive Team within Digital to ensure effective security risk measures are in place on delivery. *Ensure that all first line risk managers identify, assess and report all security risks and vulnerabilities and that incidents are actioned. *Ensuring consistency in approach for the delivery of risk-informed decisions regarding current and future security investments *Ensure consistency to protect the Department's assets and transform the Department's security architecture. *Highlight the strengths and weaknesses of security risk controls across the Department. *Manage the identification, assessment and remediation of security risks across the business, and the risk management lifecycle. *Work with business and technology stakeholders to develop, update or review security risk assessments and security risk management plans, providing a holistic and strategic view of delivery as required. *Work closely with internal and external stakeholders, to identify threats, vulnerabilities and how the resilience of the IT Infrastructure can be improved. *Identify, assess and measure emerging security risks and report to programme and senior stakeholders based on current trends and issues across Digital and the external environment. *Undertake Controls testing of counter measures to provide added assurance and feed results back into the risk assessment. *Mentor, support, supervise, knowledge transfer and line manage junior members of the team. Essential Skills / Criteria: *Governance, Risk and Compliance Professional (GRCP) qualification. *Certified in Risk and Information Systems Controls (CRISC) or equivalent risk management qualifications *Proven knowledge of risk management - identification, assessment, risk response and mitigation, control monitoring and reporting. * *ISO27005 Certified ISMS Risk Management (CIS RM) qualification (ISO 17024-certificated) *Experience of undertaking information assurance reviews such as ISO27001 assurance. *Certified Information Systems Security Manager (CISSP) or an equivalent security qualification. *Certified Information Security Manager (CISM) or an equivalent security qualification. Desirable Skills: *SC Clearance Please apply should you meet the above criteria. Badenoch + Clark acts as an employment agency for permanent recruitment and an employment business for the supply of temporary workers. Badenoch + Clark UK is an Equal Opportunities Employer. By applying for this role your details will be submitted to Badenoch + Clark. Our Candidate Privacy Information Statement explains how we will use your information - please copy and paste the following link in to your browser: https://en-gb/candidate-privacy
Oct 07, 2021
Contractor
Security Analyst required to work for a Government department. This is an initial 12-month contract, paying £560 a day, inside IR35, hybrid working with at least 2 days a week in the London based office. Key Responsibilities: *Advice and support Business Managers, Senior Risk Owners and the Executive Team within Digital to ensure effective security risk measures are in place on delivery. *Ensure that all first line risk managers identify, assess and report all security risks and vulnerabilities and that incidents are actioned. *Ensuring consistency in approach for the delivery of risk-informed decisions regarding current and future security investments *Ensure consistency to protect the Department's assets and transform the Department's security architecture. *Highlight the strengths and weaknesses of security risk controls across the Department. *Manage the identification, assessment and remediation of security risks across the business, and the risk management lifecycle. *Work with business and technology stakeholders to develop, update or review security risk assessments and security risk management plans, providing a holistic and strategic view of delivery as required. *Work closely with internal and external stakeholders, to identify threats, vulnerabilities and how the resilience of the IT Infrastructure can be improved. *Identify, assess and measure emerging security risks and report to programme and senior stakeholders based on current trends and issues across Digital and the external environment. *Undertake Controls testing of counter measures to provide added assurance and feed results back into the risk assessment. *Mentor, support, supervise, knowledge transfer and line manage junior members of the team. Essential Skills / Criteria: *Governance, Risk and Compliance Professional (GRCP) qualification. *Certified in Risk and Information Systems Controls (CRISC) or equivalent risk management qualifications *Proven knowledge of risk management - identification, assessment, risk response and mitigation, control monitoring and reporting. * *ISO27005 Certified ISMS Risk Management (CIS RM) qualification (ISO 17024-certificated) *Experience of undertaking information assurance reviews such as ISO27001 assurance. *Certified Information Systems Security Manager (CISSP) or an equivalent security qualification. *Certified Information Security Manager (CISM) or an equivalent security qualification. Desirable Skills: *SC Clearance Please apply should you meet the above criteria. Badenoch + Clark acts as an employment agency for permanent recruitment and an employment business for the supply of temporary workers. Badenoch + Clark UK is an Equal Opportunities Employer. By applying for this role your details will be submitted to Badenoch + Clark. Our Candidate Privacy Information Statement explains how we will use your information - please copy and paste the following link in to your browser: https://en-gb/candidate-privacy
My client, a global insurance company, is seeking a Cloud Controls Analyst to join its Compliance and Controls team (part of the GRC function) on a long-term contractual basis. This team conduct second line of defence testing for controls including those relating to the Security and Availability Trust Principles within SOC2. The successful Cloud Controls Analyst will support the delivery of cloud control testing in the areas of information & cyber security, technology and cloud infrastructure, conducting design adequacy and operating effectiveness testing of cloud controls for SOC2. Key duties include, but are not limited to: Performing assessment of Cloud controls (focusing on Azure) including; o Control design adequacy o Control operating effectiveness - Cloud control testing (including guard rails resource log analysis etc.) - Developing operating processes and procedures for cloud control testing of structured test papers for all controls tested - Reporting and tracking of cloud control gap remediations as well as ineffective or inadequate controls - Identify opportunities and recommendations to improve the design and implementation of cloud controls - Support the control owners in the design and maintenance and documentation of cloud controls Key words: Information Security, Compliance, security, SOC2 SOC 2, GRC, Trust Principles, cyber security, Cloud, Azure Eames Consulting is acting as an Employment Business in relation to this vacancy.
Oct 05, 2021
Contractor
My client, a global insurance company, is seeking a Cloud Controls Analyst to join its Compliance and Controls team (part of the GRC function) on a long-term contractual basis. This team conduct second line of defence testing for controls including those relating to the Security and Availability Trust Principles within SOC2. The successful Cloud Controls Analyst will support the delivery of cloud control testing in the areas of information & cyber security, technology and cloud infrastructure, conducting design adequacy and operating effectiveness testing of cloud controls for SOC2. Key duties include, but are not limited to: Performing assessment of Cloud controls (focusing on Azure) including; o Control design adequacy o Control operating effectiveness - Cloud control testing (including guard rails resource log analysis etc.) - Developing operating processes and procedures for cloud control testing of structured test papers for all controls tested - Reporting and tracking of cloud control gap remediations as well as ineffective or inadequate controls - Identify opportunities and recommendations to improve the design and implementation of cloud controls - Support the control owners in the design and maintenance and documentation of cloud controls Key words: Information Security, Compliance, security, SOC2 SOC 2, GRC, Trust Principles, cyber security, Cloud, Azure Eames Consulting is acting as an Employment Business in relation to this vacancy.
Security Analyst Security Analyst needed for a great SaaS company voted as Top 10 global companies to watch. With offices across US, Europe and over 2500 employees worldwide, with this specific role located within the heart of London paying a circa £60,000. It will require performing day-to-day security operations, responding to RFPs and RFIs whilst working closely with sales, legal and compliance teams, thus needing great communication skills. Skills: - 3-5 Years of experience in cyber security - Experience with PCS-DSS; ISO 27001 - Security certifications required including CISSP, CISM - Have a good level of understanding of OWASP - Reasonable understanding of the AWS, AZURE, GCP principles - Good communication skills This would suit somebody who's currently working in a GRC environment who's looking for a change or a consultancy environment who wants to move to end clients or someone with a broad technological knowledge. A great chance to join a massive technology company that's only going to continue growing, a chance not worth missing! There is a great benefit package included with this role including 15% bonus and having shares in the company.
Sep 10, 2021
Full time
Security Analyst Security Analyst needed for a great SaaS company voted as Top 10 global companies to watch. With offices across US, Europe and over 2500 employees worldwide, with this specific role located within the heart of London paying a circa £60,000. It will require performing day-to-day security operations, responding to RFPs and RFIs whilst working closely with sales, legal and compliance teams, thus needing great communication skills. Skills: - 3-5 Years of experience in cyber security - Experience with PCS-DSS; ISO 27001 - Security certifications required including CISSP, CISM - Have a good level of understanding of OWASP - Reasonable understanding of the AWS, AZURE, GCP principles - Good communication skills This would suit somebody who's currently working in a GRC environment who's looking for a change or a consultancy environment who wants to move to end clients or someone with a broad technological knowledge. A great chance to join a massive technology company that's only going to continue growing, a chance not worth missing! There is a great benefit package included with this role including 15% bonus and having shares in the company.