Up to £75000 per annum
over 1 year ago
Security Assurance Specialist
Salary: £65,000 - £75,000
Our client helps its customers remain secure and resilient in a world of increasingly sophisticated cyber-attacks. We offer a unique combination of highly resilient networks, enterprise-class cloud platforms, advanced security systems and expert advice, helping limit the risks of a mobile workforce, such as commercial losses, regulatory breaches or threats to individuals, whilst enabling productivity and employee satisfaction. Joining us as a Security Assurance Specialist, you can be part of empowering our Cyber Security function.
Maintain an up-to-date picture of the client's control effectiveness and compliance with security policies and standards, including deviations, weaknesses and the associated risks.
Apply intelligence/situational awareness to prioritise assurance activities based on risk.
Track remediation activities.
Prepare metrics and KPIs on control effectiveness and remediation status, and report status.
Provide guidance to other security staff on security assurance and control testing techniques and best practice.
Drive automated control testing by working with other teams and technology security programmes.
Oversee security assurance and remediation activities performed across the client and provide a consolidated status view to management.
Solid years of technical experience in controls testing in complex IT or Telecommunications environments.
Familiarity with security risks as well as the processes, technologies and tools to mitigate these risks, preferably including the specific risks and countermeasures in the Telecommunications environment.
Experience in technical control testing, assurance and compliance.
Excellent reporting (oral and written) and stakeholder management skills.
Attention to detail, strong analytical skills and efficient problem-solving capability.
Accustomed to working in a global environment, with the ability to adapt style to different cultures and audiences.
Solid knowledge and experience of different technologies (web applications, infrastructure, operating systems, cloud).
Ideally, certifications such as CISSP, SSCP, CISM, ISO27001 lead auditor, and experience in working with the ISO27001 and NIST security frameworks.