Chief Information Security Officer (CISO) Tesco Mobile About the role Are you ready to step into a CISO position? Tesco Mobile is seeking a dedicated Security professional to join as their Chief Information Security Officer (CISO) who will have a significant role in crafting the future of our cyber security landscape. This is an outstanding opportunity to lead a world-class cyber security strategy within a dynamic and evolving business environment. By joining Tesco Mobile, you will be at the forefront of ensuring flawless security measures that protect our customers and business operations. You will report to Tesco Mobile's General Counsel and be part of our Cyber Security Chapter. You will collaborate with experts from Legal, Regulatory, Compliance, and Risk Management within our Business Integrity Centre of Excellence. You will be responsible for Key responsibilities: Be the face of security. Cultivate positive relationships, promote security, and discover opportunities for security to make valuable contributions within the business. Understand the security posture of the business and its processes in order to effectively engage them in the security improvement recommendations and cyber risk management. Be responsible for leading the cyber security strategy within the business and present risk-based security position and recommendations to management and executive teams. Drive the information security improvement plans which includes incorporating Tesco Group security requirements. Ensure adequate registration, analysis, resolution and reporting of privacy and information security incidents. Craft and coordinate information security assessments, pen testing, reviews and audits. Provide technical oversight of all security tooling and infrastructure services in use; Make recommendations on configuration and implementation improvements. Own third party vendor management for security services. 
Monitor and respond to emerging threat patterns, vulnerabilities and anomalies. Responsible for collaborating with the Tesco Group Security Operations team to help ensure the entire Tesco Group are protected against emerging threats. Ensure sufficient security assurance between collaborators (i.e. Tesco, Tesco Mobile, and Virgin Media O2) regarding cyber security for Virgin Media O2. You will need Extensive knowledge and experience in Cyber/Information Security to effectively collaborate with and support various collaborators. Strong working knowledge of security management principles and practices, including vulnerability management, event management, application security, Identity management, incident response. Excellent collaborator and ability to inspire change. Demonstrated ability to engage with a diverse set of collaborators and foster a security culture. Detail-oriented individual with a strong analytical background. Ideally previously hands on role in one of these domains, networks, sysadmin, software developer, security analyst. Security qualifications such as CISM, CISSP, CISA or equivalent. What's in it for you We're all about the little helps. That's why we make sure our Tesco colleague benefits package takes care of you - both in and out of work. Annual bonus scheme of up to 45% of base salary. Car Cash Allowance. Holiday starting at 25 days plus a personal day (plus Bank holidays). Private medical insurance. Retirement savings plan - save between 6% - 10% and Tesco will contribute 1.5 times this amount. 26 weeks maternity and adoption leave (after 1 years' service) at full pay, followed by 13 weeks of Statutory Maternity Pay or Statutory Adoption Pay, we also offer 6 weeks fully paid paternity leave. About us Our vision at Tesco is to become every customer's favourite way to shop, whether they are at home or out on the move. Our core purpose is 'Serving our customers, communities and planet a little better every day'. 
Serving means more than a transactional relationship with our customers. It means acting as a responsible and sustainable business for all stakeholders, for the communities we are part of and for the planet. Diversity, equity and inclusion (DE&I) at Tesco means that whoever you are and whatever your background, we always want you to feel represented and that you can be yourself at work. In short, we're a place where Everyone's Welcome. We're proud to have been accredited Disability Confident Leader and we're committed to providing a fully inclusive and accessible recruitment process. We're a big business and we can offer a range of diverse full-time & part-time working patterns across our many business areas, which means that we can find something that works for you. We work in a more blended pattern - combining office and remote working. Our offices will continue to be where we connect, collaborate and innovate.
21/01/2025
Full time
Chief Information Security Officer (CISO) Tesco Mobile. Location: Welwyn Garden City. We're all about the little helps. That's why we make sure our Tesco colleague benefits package takes care of you - both in and out of work. Annual bonus scheme of up to 45% of base salary. Holiday starting at 25 days plus a personal day (plus Bank holidays). Private medical insurance. Retirement savings plan - save between 6% - 10% and Tesco will contribute 1.5 times this amount. 26 weeks maternity and adoption leave (after 1 year's service) at full pay, followed by 13 weeks of Statutory Maternity Pay or Statutory Adoption Pay; we also offer 6 weeks fully paid paternity leave. About the role Are you ready to step into a CISO position? Tesco Mobile is seeking a dedicated security professional to join as their Chief Information Security Officer (CISO) who will have a significant role in crafting the future of our cyber security landscape. This is an outstanding opportunity to lead a world-class cyber security strategy within a dynamic and evolving business environment. By joining Tesco Mobile, you will be at the forefront of ensuring flawless security measures that protect our customers and business operations. You will report to Tesco Mobile's General Counsel and be part of our Cyber Security Chapter. You will collaborate with experts from Legal, Regulatory, Compliance, and Risk Management within our Business Integrity Centre of Excellence. You will be responsible for Key responsibilities: Be the face of security. Cultivate positive relationships, promote security, and discover opportunities for security to make valuable contributions within the business. Understand the security posture of the business and its processes in order to effectively engage them in the security improvement recommendations and cyber risk management. 
Lead the cyber security strategy within the business and present risk-based security position and recommendations to management and executive teams. Drive the information security improvement plans which includes incorporating Tesco Group security requirements. Ensure adequate registration, analysis, resolution and reporting of privacy and information security incidents. Craft and coordinate information security assessments, pen testing, reviews and audits. Provide technical oversight of all security tooling and infrastructure services in use; make recommendations on configuration and implementation improvements. Own third party vendor management for security services. Monitor and respond to emerging threat patterns, vulnerabilities and anomalies. Collaborate with the Tesco Group Security Operations team to help ensure the entire Tesco Group is protected against emerging threats. Ensure sufficient security assurance between collaborators (i.e. Tesco, Tesco Mobile, and Virgin Media O2) regarding cyber security for Virgin Media O2. You will need Extensive knowledge and experience in Cyber/Information Security to effectively collaborate with and support various collaborators. Strong working knowledge of security management principles and practices, including vulnerability management, event management, application security, identity management, incident response. Excellent collaborator and ability to inspire change. Demonstrated ability to engage with a diverse set of collaborators and foster a security culture. Detail-oriented individual with a strong analytical background. Ideally, previously held a hands-on role in one of these domains: networks, sysadmin, software developer, security analyst. Security qualifications such as CISM, CISSP, CISA or equivalent. About us Our vision at Tesco is to become every customer's favourite way to shop, whether they are at home or out on the move. 
Our core purpose is 'Serving our customers, communities and planet a little better every day'. Serving means more than a transactional relationship with our customers. It means acting as a responsible and sustainable business for all stakeholders, for the communities we are part of and for the planet. Diversity, equity and inclusion (DE&I) at Tesco means that whoever you are and whatever your background, we always want you to feel represented and that you can be yourself at work. In short, we're a place where Everyone's Welcome . We're proud to have been accredited Disability Confident Leader and we're committed to providing a fully inclusive and accessible recruitment process. We're a big business and we can offer a range of diverse full-time & part-time working patterns across our many business areas, which means that we can find something that works for you. We work in a more blended pattern - combining office and remote working. Our offices will continue to be where we connect, collaborate and innovate.
20/01/2025
Full time
Compliance Officer Up to 64,000 Portsmouth/Horley - Hybrid - 2x per week in office We are representing a market-leading business in the energy sector, currently looking for a Compliance Officer to join their company. With over 85 years of experience behind them, this well-established company owns and manages critical national infrastructure and is engaging in a forward-funded futureproofing program with enormous potential for growth. As the Compliance Analyst, you will support the Cyber Security & Regulatory Compliance Manager in the development, implementation, and management of security policies across the organisation. You will work with stakeholders to review and update security policies and procedures, conduct regular assessments and audits, and ensure policies align with industry standards. We are looking for: Previous experience in a security policy management or related role. Strong experience in drafting policies and procedures. Great understanding of information security principles, frameworks and regulations. It would be a bonus if you had: Professional certifications - e.g., CISSP, CISM, CISA or GSTRT. If this sounds of interest, please apply today!
20/01/2025
Full time
About the role Are you ready to step into a CISO position? Tesco Mobile is seeking a dedicated Security professional to join as their Chief Information Security Officer (CISO) who will have a significant role in crafting the future of our cyber security landscape. This is an outstanding opportunity to lead a world-class cyber security strategy within a dynamic and evolving business environment. By joining Tesco Mobile, you will be at the forefront of ensuring flawless security measures that protect our customers and business operations. You will report to Tesco Mobile's General Counsel and be part of our Cyber Security Chapter. You will collaborate with experts from Legal, Regulatory, Compliance, and Risk Management within our Business Integrity Centre of Excellence. You will be responsible for Key responsibilities: Be the face of security. Cultivate positive relationships, promote security, and discover opportunities for security to make valuable contributions within the business. Understand the security posture of the business and its processes in order to effectively engage them in the security improvement recommendations and cyber risk management. Be responsible for leading the cyber security strategy within the business and present risk-based security position and recommendations to management and executive teams. Drive the information security improvement plans which includes incorporating Tesco Group security requirements. Ensure adequate registration, analysis, resolution and reporting of privacy and information security incidents. Craft and coordinate information security assessments, pen testing, reviews and audits. Provide technical oversight of all security tooling and infrastructure services in use; Make recommendations on configuration and implementation improvements. Own third party vendor management for security services. Monitor and respond to emerging threat patterns, vulnerabilities and anomalies. 
Responsible for collaborating with the Tesco Group Security Operations team to help ensure the entire Tesco Group are protected against emerging threats. Ensure sufficient security assurance between collaborators (i.e. Tesco, Tesco Mobile, and Virgin Media O2) regarding cyber security for Virgin Media O2. You will need Extensive knowledge and experience in Cyber/Information Security to effectively collaborate with and support various collaborators. Strong working knowledge of security management principles and practices, including vulnerability management, event management, application security, Identity management, incident response. Excellent collaborator and ability to inspire change. Demonstrated ability to engage with a diverse set of collaborators and foster a security culture. Detail-oriented individual with a strong analytical background. Ideally previously hands on role in one of these domains, networks, sysadmin, software developer, security analyst. Security qualifications such as CISM, CISSP, CISA or equivalent. What's in it for you We're all about the little helps. That's why we make sure our Tesco colleague benefits package takes care of you - both in and out of work. Click Here to find out more! Annual bonus scheme of up to 45% of base salary. Car Cash Allowance. Holiday starting at 25 days plus a personal day (plus Bank holidays). Private medical insurance. Retirement savings plan - save between 6% - 10% and Tesco will contribute 1.5 times this amount. 26 weeks maternity and adoption leave (after 1 years' service) at full pay, followed by 13 weeks of Statutory Maternity Pay or Statutory Adoption Pay, we also offer 6 weeks fully paid paternity leave. About us Our vision at Tesco is to become every customer's favourite way to shop, whether they are at home or out on the move. Our core purpose is 'Serving our customers, communities and planet a little better every day'. Serving means more than a transactional relationship with our customers. 
It means acting as a responsible and sustainable business for all stakeholders, for the communities we are part of and for the planet. Diversity, equity and inclusion (DE&I) at Tesco means that whoever you are and whatever your background, we always want you to feel represented and that you can be yourself at work. In short, we're a place where Everyone's Welcome. We're proud to have been accredited Disability Confident Leader and we're committed to providing a fully inclusive and accessible recruitment process. We're a big business and we can offer a range of diverse full-time & part-time working patterns across our many business areas, which means that we can find something that works for you. We work in a more blended pattern - combining office and remote working. Our offices will continue to be where we connect, collaborate and innovate.
19/01/2025
Full time
IT Security Officer / IT Security Analyst / IT Risk Analyst - Security Audits, Risk Assessments, CISM, CISSP, CySA+, CASP+ etc; Security Standards.
Guildford (2 days per week); Fully remote during pandemic, 2 days per week onsite post-return-to-office. Permanent. c.£55k - £65k + Benefits
Global Insurance Company seeks an IT Security Officer / IT Security Analyst / IT Risk Analyst to assist in the development and dissemination of information security policies, procedures, and guidelines across the organisation. This is a Security Analysis role which will require the management of audits, risk assessments and the subsequent management and oversight of remedial actions taken by various software development and DevOps/SysAdmin teams and perimeter defence Network Engineering teams.
The IT Security Officer / IT Security Analyst / IT Risk Analyst will monitor existing IT security controls to ensure compliance with security policies and procedures, identify vulnerabilities, take ownership of core security areas in active processes and projects on the security roadmap and create security policies which meet modern security compliance standards. This will involve managing the development of security procedures within the specific areas (software, network, production server, devops etc) and reporting to the Global Security team on the state of these areas.
Day-to-day activities will require you to liaise with various business and technical departmental stakeholders to actively identify and resolve vulnerabilities in the technical environment. You will also need to identify areas for improvement in security policies and procedures relating to multiple enterprise systems and infrastructure environments operated by the corporate entity. You will employ a variety of standards covering aspects such as COBIT, IASME Cyber Security, GDPR and work to bring systems up to standards required by the German Federal Financial Supervisory Authority: BaFin (due to the company's presence and profile in Germany).
We are searching for an IT Security Officer / IT Security Analyst / IT Risk Analyst who can bring procedural security knowledge and experience, along with technical understanding of software, server and network environments and the application of security procedures within best practice. You will be an information security professional who holds certifications ranging from CySA+, CASP+, CISSP, Security+, CISA, CISM, and may have some exposure to frameworks such as COBIT, ISO27001 or have worked to FCA standards or indeed to BaFin standards within financial services. You will be familiar with undertaking risk assessments and reporting results and guidance to technical teams and business stakeholders alike and working closely with senior level business stakeholders to disseminate a security-focussed approach. Excellent organisation and communication skills are a prerequisite.
Excellent opportunity to work with one of the world's largest Insurance companies employing cutting-edge technologies dispersed across a global enterprise. Excellent opportunity for career growth and personal development.
07/10/2021
Full time
Prism Digital
Information Security Analyst - SIEM - Famous Arts Institution
A world-renowned arts institution based in South Kensington is looking for a Cyber Security Analyst. You will be joining an IT department of circa 20 staff. Your role will be as a very hands-on IT Security specialist to maintain the internal and external security of the business at a large scale; 3,000 devices and 1,200 end users. You will be responsible for the day-to-day actions that will ensure the established information security policies are adhered to by all staff and all systems. You will monitor all security and compliance systems regularly, taking action where required or ensuring that others who are responsible for those systems are taking appropriate action.
Main tasks:
* Lead the development, documentation and maintenance of information security policies, procedures, and standards across the organisation
* Proactively initiate, facilitate, and promote activities to create awareness of information security
* Assist in system and software architecture and design to ensure that data and assets remain secure at all times
* Perform Information Security Risk Assessments of all new systems implemented
* Perform regular risk assessments and work closely with auditors to pre-empt, mitigate, and swiftly respond to any audit findings
* To investigate suspected and actual security incidents in accordance with the security incident management standard, produce reports with recommendations and ensure any remedial action is taken
* Work with the IT Security Manager to implement and maintain the Information Security Management System (ISMS)
* Manage the Security Information and Event Management system (SIEM) and other security systems ensuring appropriate actions are taken for all issues flagged for action by the system
* Monitor all security compliance reporting ensuring appropriate actions are taken in response to the report details and escalating issues as required
* Monitor security risks using data from security vendors, application vendors, government security organisations and other appropriate information sources and highlight areas of concern to the IT Security Manager
* Monitor all security systems for potential security breaches and recommend remedial actions to be taken
* Manage regular penetration tests (internal and external)
* Monitor the SIEM for issues arising
* Check compliance reports daily and get others to make appropriate updates
* Work with the Programme Manager on developing further compliance reports for regular review
* Verify Windows patches are applied by performing random checks
* Implement Nessus scanner with Cyber Essentials rules for internal systems to verify compliance levels
* Follow up on any phishing attacks or other security events to ensure proper process and documentation is followed
* Assist in putting together an Information Security Risk Assessment template and then conducting those for each of our systems
* Follow up on penetration test results liaising with internal teams and external vendors to deliver required remediation
Essential requirements:
* Formal Information Security qualification (CISM, CISSP/CISA or equivalent)
* At least 3 years of experience in Information Security Management or IT Audit related role
* Understanding of ISO27001, Cyber Essentials, business continuity and compliance and audit frameworks
* Understanding of IT infrastructure, networking systems and information management systems
* Experienced in the selection and implementation of appropriate security controls
* Ability to produce clear written material for Senior Management
* Ability to communicate technical information in a clear and understandable manner to non-technical stakeholders
* Ability to direct, interact and effectively share technical issues with IT staff and end users
Desirable requirements:
* Familiar with the configuration and operation of Nessus
* Working within an ISO27001 or Cyber Essentials compliant environment
* Strong understanding of GDPR and PCI DSS
* Excellent analytical and problem-solving skills
* Experience establishing an ISMS and SIEM
Benefits:
* 28 days holiday
* 10% Co. Pension - no personal contrib needed
* Season Ticket Loan
* Cycle to Work Scheme
* Heavily subsidised Staff Canteen
* 36 Working Hour Week with a degree of flex
This is an amazing company to work for and they are looking for someone to start ASAP!
15/02/2019
Prism Digital
The JM Group is working with a large financial services client and is seeking a Cyber Security Incident Response Analyst on a contract basis in Bromley paying circa £650 - £750 per day.
The Cyber Security Incident Response Analyst will be part of the Security Engineering team, supporting and responding to security incidents.
The ideal Cyber Security Incident Response Analyst will also have the following skills and experience:
* Strong experience managing an incident from end to end
* Excellent knowledge of Information Security
* Experience of Cyber response / Cyber resilience
* Understanding of building crisis management frameworks, cyber resilience frameworks and cyber response artefacts
* Good knowledge of Security Configuration
* Experience working with Security and Information Event Management tool sets.
* Knowledge of Networks, applications, end user devices and telephony.
* One or more of the following certifications:
o CISM
o CISSP
o M.Inst.ISP
o CISA
o GIAC Certified Incident Handler
o EC-Council Certified Incident Handler
* Financial Services Experience - Beneficial
* Programming language knowledge: C#, Java, Python, PHP - Beneficial
If you are an experienced Cyber Security Incident Response Analyst with the required skills, please respond in the first instance with the most recent version of your CV.
The JM Group is operating and advertising as an Employment Agency for permanent positions and as an Employment Business for interim / contract / temporary positions. The JM Group is an Equal Opportunities employer and we encourage applicants from all backgrounds.
09/09/2016