We are the AA. And we keep everyone's show on the road. There for our customers wherever and whenever they need us, we're always ready for anything. That's why, for over 100 years, we've continued to evolve and adapt. Today, as the nation's number one motoring organization, we offer a range of excellent products and services to millions of customers.
This is the job
Focusing on cybersecurity assurance activities, as defined by the Information Security Director, you will be responsible for designing, building and delivering a cybersecurity assurance framework, aligned to NIST and within the AA's existing ISO 27001-compliant ISMS framework. The testing of security risk controls will be a key focus for the role holder.
Additionally, you will be one of the security interfaces to all change and IT projects and act as the security subject matter expert, ensuring robust security controls are implemented to manage risks and comply with regulatory and internal policy and standards. By utilising your business consulting acumen, you will work collaboratively within the AA to advise on security aspects of change and to design, build and implement pragmatic security solutions to mitigate risks to the organisation.
Capability, Knowledge and Experience:
* Previous technology security consultancy experience
* A good understanding of information security requirements and knowledge of applicable regulations and standards, e.g. ISO 27002, ISO 27001:2013, ISO 13335, ISO 13569, Data Protection Act (2018), RMADS, EU Data Protection Directive and PCI DSS
* Be able to demonstrate a pragmatic understanding of, and experience in, deploying infrastructure and software solutions
* Knowledge of IT security solutions and their integration and operation into business systems and processes
* Experience in using a formalised security risk management methodology
* A proven track record in Information Security
* Experience in ITIL and/or Prince2
Education and Qualifications:
* Technical degree or CISSP, CISM