Security Specialist ISO/IEC 27001
Security Specialist with ISO/IEC 27001:2013 Framework / ISMS required for a great opportunity on a permanent basis, working for a rapidly growing organisation based in Coventry.
As the Security Specialist, your responsibilities will be to:
- Take the lead in development of ISMS based on ISO/IEC 27001:2013 and act as SME in driving the ISMS program
- Develop and continuously improve security process and controls to support both internal and external regulations and the implementation of the ISMS ISO/IEC 27001:2013 framework
- Support the risk, compliance and audit activities
- Support third party management activities
Knowledge, Experience & Technical Know How:
- Design, operation and continuous improvement of ISO/IEC 27001:2013 ISMS
- Develop and continuously improve security process and controls to support both internal and external regulations and the implementation of the ISMS ISO/IEC 27001:2013 framework;
- Identifying and remediating control "gaps" within policy and processes;
- Risk analysis and conducting risk workshops
- Regular reporting to senior stakeholders on security, governance risk and compliance
- Raise awareness of security into "business as usual" processes, as well as implementing and running periodic controls assurance programmes;
- Manage and maintain the risk register
- Work closely with all stakeholders to ensure integration between business and security in policy process and risk activities;
- Represent Digital Risk and Security in relevant forums to move forward ongoing security initiatives within my client, and define/implement new ones;
- Co-ordinate and liaise with Internal and External Auditors during security audits
- Co-ordinate and manage vulnerability and pen testing scope and pen tester engagements
- Manage vulnerability and pen test corrective activities
- Ensure that security and controls services performed by outsourced providers are in accordance with agreed standards.
- Co-ordinate forensic investigations as required to support controls environment.
- Provide reporting on all activities and progress
Experience required for this opportunity is:
- ISO/IEC 27001:2013 Lead Auditor/Implementer
- Experience in developing and implementing ISMS
- Experience in security management practices
- Experience in ITIL best practices
- Experience in working with suppliers and business and able to communicate to all levels of seniority and knowledge
Successful candidates will be contacted immediately
Parity Professionals - Source, Develop, Transform
Parity Professionals Ltd acts in the capacity of an Employment Agency when providing permanent recruitment services.