Your new role You will be overseeing the development and enforcement of cyber security protocols. You will have the opportunity to lead a Cyber Security team in safeguarding systems by managing threat protection infrastructure and ensuring compliance. Analyse and report on cyber threats, advising on risk mitigation and legal adherence to enhance security measures. Your responsibilities will include (but not be limited to): Perform comprehensive security control reviews and collaborate with external experts. Analyse IT security posture, manage OS patches, and conduct vulnerability scans; advise on risk mitigation. Investigate security breaches, preserve evidence, and maintain a Cybersecurity Incident Response Plan. Develop IT security training for users and promote security awareness. Support IT leadership in technical planning and prioritise system developments. Manage daily IT security operations, liaise with stakeholders, and ensure technology alignment. Oversee server and software maintenance, including upgrades and virtualisation. Monitor IT security performance, maintain service standards, and implement improvements. Adhere to change management protocols Lead the introduction of new cybersecurity technologies and services. Coordinate business continuity and disaster recovery planning, documentation, and testing. Assist in evaluating and procuring IT hardware and software solutions. Offer expert advice on IT infrastructure, security, and future technological developments. Handle IT service requests and maintain customer service excellence. What you'll need to succeed Strong experience of cyber security Extensive practical experience in managing Microsoft server systems, NGAV, Amazon Cloud services, AD, ADFS, M365, security, public clouds, Azure services, SIEM, vulnerability assessment, patch management, DLP, and endpoint protection. Substantial proven expertise in supporting large corporate systems and applications within a large enterprise networked environment. (Educational background is a plus) Operational experience with Voice and Wireless LAN standards. Developing Cyber Security Incident Plan (CIRP) with forensic readiness. Strong experience in Data Networking Protocols (TCP/IP, OSPF, DHCP, DNS). Proven track record in efficient business processes, operational service delivery, and staff scheduling. Implementing operational changes within a team. What you'll get in return Job Security and Longevity: Enjoy stability and confidence in your employment. Career Growth: Opportunity to develop and progress into the cyber security management space by leading a team. Generous Leave: Benefit from 30 days of annual leave plus public holidays. Flexible Work Arrangement: Enjoy a hybrid working pattern that balances office and remote work. Salary between £54,000 - 61,000 per annum What you need to do now If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV Hays EA is a trading division of Hays Specialist Recruitment Limited and acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found on our website.
24/04/2024
Full time
Your new role You will be overseeing the development and enforcement of cyber security protocols. You will have the opportunity to lead a Cyber Security team in safeguarding systems by managing threat protection infrastructure and ensuring compliance. Analyse and report on cyber threats, advising on risk mitigation and legal adherence to enhance security measures. Your responsibilities will include (but not be limited to): Perform comprehensive security control reviews and collaborate with external experts. Analyse IT security posture, manage OS patches, and conduct vulnerability scans; advise on risk mitigation. Investigate security breaches, preserve evidence, and maintain a Cybersecurity Incident Response Plan. Develop IT security training for users and promote security awareness. Support IT leadership in technical planning and prioritise system developments. Manage daily IT security operations, liaise with stakeholders, and ensure technology alignment. Oversee server and software maintenance, including upgrades and virtualisation. Monitor IT security performance, maintain service standards, and implement improvements. Adhere to change management protocols Lead the introduction of new cybersecurity technologies and services. Coordinate business continuity and disaster recovery planning, documentation, and testing. Assist in evaluating and procuring IT hardware and software solutions. Offer expert advice on IT infrastructure, security, and future technological developments. Handle IT service requests and maintain customer service excellence. What you'll need to succeed Strong experience of cyber security Extensive practical experience in managing Microsoft server systems, NGAV, Amazon Cloud services, AD, ADFS, M365, security, public clouds, Azure services, SIEM, vulnerability assessment, patch management, DLP, and endpoint protection. Substantial proven expertise in supporting large corporate systems and applications within a large enterprise networked environment. (Educational background is a plus) Operational experience with Voice and Wireless LAN standards. Developing Cyber Security Incident Plan (CIRP) with forensic readiness. Strong experience in Data Networking Protocols (TCP/IP, OSPF, DHCP, DNS). Proven track record in efficient business processes, operational service delivery, and staff scheduling. Implementing operational changes within a team. What you'll get in return Job Security and Longevity: Enjoy stability and confidence in your employment. Career Growth: Opportunity to develop and progress into the cyber security management space by leading a team. Generous Leave: Benefit from 30 days of annual leave plus public holidays. Flexible Work Arrangement: Enjoy a hybrid working pattern that balances office and remote work. Salary between £54,000 - 61,000 per annum What you need to do now If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV Hays EA is a trading division of Hays Specialist Recruitment Limited and acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found on our website.
Job Description: Infosight Consulting is looking for Project Engineer for one of the challenging and exciting projects. Role: Project Engineer Location: Leven, Fife, UK Contract Position Infosight is looking for Project Engineer with: Support the Civils Capex Project Engineer on the ground with safe working practises, adherent to RAMS, site inductions are planned and contractors have access to site in advance of activities starting. Ensure compliance with all relevant health, safety and environmental standards, including the Construction, Design & Management Regulations. The role holder will have a construction/H&S engineering management background. Use specialist knowledge to support safe deliver capex projects, working closely with Supply Operations teams and Capex Project Engineers. Consult on induction content for CDM projects (should be led by PC) Facilitate joint safety inspections with site teams Support Project Manager(s) on preparation of key H&S documentation and plans (eg PCI, CPP, Traffic Management, H&S File, Risk Assessments, site set up plan, etc) Ensure H&S has been considered at outset of project (before approval and tender issue) to ensure safety standards and ways of working are business as usual Support site set up (should be led by Project Engineer. H&S Lead to provide input/guidance and help co-ordinate implementation) Support PEs with pre-start walkthroughs, RAMS review and engage with site control of contractors process Co-ordinate with operations on key interfaces (eg temp walkways, updates to traffic management plans, security requirements, etc.) Be an ambassador/champion for H&S excellence during the construction phase, ie correct use of PPE at all times, challenging constructively where appropriate, providing feedback to project team and operatives on H&S performance, suggest ways to improve H&S performance. Attend daily white board meetings as often as practicable (frequency should be agreed with Technical Manager/Lead PE). contractors. Carry out audits and Immediate Corrective Action walks (ICAs) and record in project folder Day to day co-ordination at project interfaces (co-ordination within project boundary is main contractor responsibility) Drive accident/incident investigations including co-ordination with Global Eng Regional H&S Manager Support PEs with input of H&S Stats Assist in the delivery of any behavioural safety initiatives and training. Identify reoccurring safety concerns and proactively resolve by engaging with Skills Must have NEBOSH General Certificate as a minimum Health & Safety Management. The main focus of role is to support the Safe management of contractors: Construction/Project/Civil Management WHAT INFOSIGHT OFFERS Excellent Pay Packages An Opportunity to work in Global locations at our Client Sites Flexi-Working arrangement ABOUT INFOSIGHT Infosight Consulting is a Business & IT consulting company, head quartered in United Kingdom, operating since 2006 globally, specializes in SAP, Oracle & Ramco Solutions. Infosight has been delivering outstanding value to its customers by addressing their Business Challenges with appropriate application & services.
23/04/2024
Project-based
Job Description: Infosight Consulting is looking for Project Engineer for one of the challenging and exciting projects. Role: Project Engineer Location: Leven, Fife, UK Contract Position Infosight is looking for Project Engineer with: Support the Civils Capex Project Engineer on the ground with safe working practises, adherent to RAMS, site inductions are planned and contractors have access to site in advance of activities starting. Ensure compliance with all relevant health, safety and environmental standards, including the Construction, Design & Management Regulations. The role holder will have a construction/H&S engineering management background. Use specialist knowledge to support safe deliver capex projects, working closely with Supply Operations teams and Capex Project Engineers. Consult on induction content for CDM projects (should be led by PC) Facilitate joint safety inspections with site teams Support Project Manager(s) on preparation of key H&S documentation and plans (eg PCI, CPP, Traffic Management, H&S File, Risk Assessments, site set up plan, etc) Ensure H&S has been considered at outset of project (before approval and tender issue) to ensure safety standards and ways of working are business as usual Support site set up (should be led by Project Engineer. H&S Lead to provide input/guidance and help co-ordinate implementation) Support PEs with pre-start walkthroughs, RAMS review and engage with site control of contractors process Co-ordinate with operations on key interfaces (eg temp walkways, updates to traffic management plans, security requirements, etc.) Be an ambassador/champion for H&S excellence during the construction phase, ie correct use of PPE at all times, challenging constructively where appropriate, providing feedback to project team and operatives on H&S performance, suggest ways to improve H&S performance. Attend daily white board meetings as often as practicable (frequency should be agreed with Technical Manager/Lead PE). contractors. Carry out audits and Immediate Corrective Action walks (ICAs) and record in project folder Day to day co-ordination at project interfaces (co-ordination within project boundary is main contractor responsibility) Drive accident/incident investigations including co-ordination with Global Eng Regional H&S Manager Support PEs with input of H&S Stats Assist in the delivery of any behavioural safety initiatives and training. Identify reoccurring safety concerns and proactively resolve by engaging with Skills Must have NEBOSH General Certificate as a minimum Health & Safety Management. The main focus of role is to support the Safe management of contractors: Construction/Project/Civil Management WHAT INFOSIGHT OFFERS Excellent Pay Packages An Opportunity to work in Global locations at our Client Sites Flexi-Working arrangement ABOUT INFOSIGHT Infosight Consulting is a Business & IT consulting company, head quartered in United Kingdom, operating since 2006 globally, specializes in SAP, Oracle & Ramco Solutions. Infosight has been delivering outstanding value to its customers by addressing their Business Challenges with appropriate application & services.
Lead IT Security Manager Permanent Birmingham - 2 Days per week on site £48,900 - £61,140 per annum My client in the Rail industry are looking for a Lead IT Security Manager to join their fast-paced Operations team on a permanent basis. The Lead IT Security Manager is responsible for is the effective management of the Security Operations pillar within the IT Security, Compliance & Identity function. This includes Security technology and Security Operations Centre management. Key focus areas for this role, the ideal candidate will have experience in each of the below; Threat & Vulnerability Management Security Operations Centre - 24/7 Outsourced Web & Content Filtering - ProofPoint, Zscaler, etc. Endpoint Security Infrastructure Security Accountabilities * Lead the Security Operations pillar, determining and delivering requirements, methods, and tools to provide value and reduce risk across proactive monitoring, incident response, threat management and vulnerability management (among other activity) . * Lead the creation and maintenance of Security Operations policy, standards procedures, and documentation (including playbooks and guidance). * Manage the application and compliance of security operations procedures, reviewing actual and potential security breaches, and ensuring their investigation. * Lead the Security Operations team's response to incidents, recommending actions and appropriate control improvements. * Monitor the external environment to gather intelligence on emerging technologies, documenting impacts, threats, and opportunities to IT. * Provide expert advice on threat intelligence activities, identifying which threat categories are most dangerous to the organization and how to defend against them. * Manage vulnerability assessment activities within company IT, providing expert advice where necessary in the review of vulnerability assessment tools and techniques. * Develop, maintain, and test Security Operations' incident management procedures, investigating escalated incidents and facilitating recovery post-incident resolution. * Lead Security Operations risk management activities, leading on the identification of risks and vulnerabilities and assessment of their impacts. * Manage and oversee the day-to-day activity of the SOC supplier who will deliver security capabilities, communicating their activity to relevant teams. * Manage the design, delivery, maintenance, and continuous improvement of the IT Security Ops capabilities in line with business needs. * Manage the Security Operations Centre (SOC) capability, ensuring effective protection, defence, and response to IT security risks. * Promote the Security, Compliance & Identity function to develop and enhance the team profile to develop enduring relationships with stakeholders and teams. * Implement a multi-year Security roadmap that provides proactive capabilities which enable business objectives. * Actively promote and embed Equality Diversity and Inclusion (EDI) in all your work, and support and comply with all organisational initiatives, policies and procedures on EDI. Skills: * Relationship Building. Ability to develop and maintain strong relationships with internal and external stakeholders. * Security Operations. Ability provide leadership for live security incidents and helping conduct robust investigations in order to identify corrective actions and see them through to completion. * Threat Intelligence. Ability to provide guidance on proactive threat identification, analysis, and mitigation. Skilled in actionable intelligence, industry sources, and general awareness of threat landscape. * Vulnerability Assessment. Ability to identify and classify security vulnerabilities in networks, systems and applications and mitigating or eliminating their impact. * Risk Management. Ability to identify IT security operations risks and the delivery of audit remediation activities. * Emerging technology monitoring. Ability to identify and assess new and emerging technologies, products, services, methods and techniques. Knowledge: * Knowledge of IT Service Frameworks, methodologies, and best practice such as ITIL v4 and Agile. * Knowledge of day-to-day activities and best practice within a SOC. * Knowledge of technical security such as Firewalls, network security groups, and access controls. Type of Experience: * Experience of leading a team through the full IT service life cycle, enhancing security posture, and evolving capabilities via continual service improvement. * Experience of leading live cyber incidents and the remediation actions. * Experience of partnering with supplier teams for managed services delivery of improvements. * Experience across the full IT security spectrum (software, Servers, infrastructure, and networks). * Experience designing and implementing secure systems, leading review where necessary of complex security issues. * Experience of enabling and informing risk-based decisions. * Experience dealing with the security implications of transformation and day-to-day product changes. * Experience working with system architectures, displaying a strong understanding of the impact of vulnerabilities on varied systems Disclaimer: This vacancy is being advertised by either Advanced Resource Managers Limited, Advanced Resource Managers IT Limited or Advanced Resource Managers Engineering Limited ("ARM"). ARM is a specialist talent acquisition and management consultancy. We provide technical contingency recruitment and a portfolio of more complex resource solutions. Our specialist recruitment divisions cover the entire technical arena, including some of the most economically and strategically important industries in the UK and the world today. We will never send your CV without your permission.
23/04/2024
Full time
Lead IT Security Manager Permanent Birmingham - 2 Days per week on site £48,900 - £61,140 per annum My client in the Rail industry are looking for a Lead IT Security Manager to join their fast-paced Operations team on a permanent basis. The Lead IT Security Manager is responsible for is the effective management of the Security Operations pillar within the IT Security, Compliance & Identity function. This includes Security technology and Security Operations Centre management. Key focus areas for this role, the ideal candidate will have experience in each of the below; Threat & Vulnerability Management Security Operations Centre - 24/7 Outsourced Web & Content Filtering - ProofPoint, Zscaler, etc. Endpoint Security Infrastructure Security Accountabilities * Lead the Security Operations pillar, determining and delivering requirements, methods, and tools to provide value and reduce risk across proactive monitoring, incident response, threat management and vulnerability management (among other activity) . * Lead the creation and maintenance of Security Operations policy, standards procedures, and documentation (including playbooks and guidance). * Manage the application and compliance of security operations procedures, reviewing actual and potential security breaches, and ensuring their investigation. * Lead the Security Operations team's response to incidents, recommending actions and appropriate control improvements. * Monitor the external environment to gather intelligence on emerging technologies, documenting impacts, threats, and opportunities to IT. * Provide expert advice on threat intelligence activities, identifying which threat categories are most dangerous to the organization and how to defend against them. * Manage vulnerability assessment activities within company IT, providing expert advice where necessary in the review of vulnerability assessment tools and techniques. * Develop, maintain, and test Security Operations' incident management procedures, investigating escalated incidents and facilitating recovery post-incident resolution. * Lead Security Operations risk management activities, leading on the identification of risks and vulnerabilities and assessment of their impacts. * Manage and oversee the day-to-day activity of the SOC supplier who will deliver security capabilities, communicating their activity to relevant teams. * Manage the design, delivery, maintenance, and continuous improvement of the IT Security Ops capabilities in line with business needs. * Manage the Security Operations Centre (SOC) capability, ensuring effective protection, defence, and response to IT security risks. * Promote the Security, Compliance & Identity function to develop and enhance the team profile to develop enduring relationships with stakeholders and teams. * Implement a multi-year Security roadmap that provides proactive capabilities which enable business objectives. * Actively promote and embed Equality Diversity and Inclusion (EDI) in all your work, and support and comply with all organisational initiatives, policies and procedures on EDI. Skills: * Relationship Building. Ability to develop and maintain strong relationships with internal and external stakeholders. * Security Operations. Ability provide leadership for live security incidents and helping conduct robust investigations in order to identify corrective actions and see them through to completion. * Threat Intelligence. Ability to provide guidance on proactive threat identification, analysis, and mitigation. Skilled in actionable intelligence, industry sources, and general awareness of threat landscape. * Vulnerability Assessment. Ability to identify and classify security vulnerabilities in networks, systems and applications and mitigating or eliminating their impact. * Risk Management. Ability to identify IT security operations risks and the delivery of audit remediation activities. * Emerging technology monitoring. Ability to identify and assess new and emerging technologies, products, services, methods and techniques. Knowledge: * Knowledge of IT Service Frameworks, methodologies, and best practice such as ITIL v4 and Agile. * Knowledge of day-to-day activities and best practice within a SOC. * Knowledge of technical security such as Firewalls, network security groups, and access controls. Type of Experience: * Experience of leading a team through the full IT service life cycle, enhancing security posture, and evolving capabilities via continual service improvement. * Experience of leading live cyber incidents and the remediation actions. * Experience of partnering with supplier teams for managed services delivery of improvements. * Experience across the full IT security spectrum (software, Servers, infrastructure, and networks). * Experience designing and implementing secure systems, leading review where necessary of complex security issues. * Experience of enabling and informing risk-based decisions. * Experience dealing with the security implications of transformation and day-to-day product changes. * Experience working with system architectures, displaying a strong understanding of the impact of vulnerabilities on varied systems Disclaimer: This vacancy is being advertised by either Advanced Resource Managers Limited, Advanced Resource Managers IT Limited or Advanced Resource Managers Engineering Limited ("ARM"). ARM is a specialist talent acquisition and management consultancy. We provide technical contingency recruitment and a portfolio of more complex resource solutions. Our specialist recruitment divisions cover the entire technical arena, including some of the most economically and strategically important industries in the UK and the world today. We will never send your CV without your permission.
We are looking for one Security Management Specialist/ISO27001-Auditor for STRASBOURG (100% on-site) with EU-passport to start a 3x 1-year contract (extensions possible) for an EU-agency-client. Start date: in 2-3 months or earlier when you have an existing EU-Security-clearance. BACKGROUND Our client is an international organisation and a great reference in any CV! English speaking environment. This role will be 100% onsite in Strasbourg as long the restrictions are lifted. This is a real long-term contract with possibility of extension based on performance and budget availability (initial 220 day contract, where 2x 220 day extensions are foreseen). EU nationals ONLY (due to the "EU" security certifications required). We can't accept any longer UK-consultants, as long they don't have EU-security-clearance or another EU-citizenship (Please note, after Brexit the UK-consultants can't get any longer "EU" security clearances, which is mandatory for this position). Start date in 2-3 months. Earlier when you have an existing EU-security-clearance . We will support your request to get a SC clearance but this application might delay start by some weeks. This position requires "security clearance level: EU SECRET". If the candidate doesn't have a Security Clearance (SC) yet, then he/she can start working, when presenting: - A fresh criminal record (from his/her home country), plus ID-card copy. Our company is holding "FSC - Facility Security Clearance", so we are able to guide/sponsor you through the "PSC - Personal Security Clearance" procedure. The applicants attention is drawn to the important role that the curriculum vitae plays in the evaluation. Curriculum vitae shall illustrate the specific skills relevant to this request. We would like to receive CVs of suitable candidates together with pricing quotations, based on a daily net rate including travel costs for the services described. Europass-CV-format (DOC) will be required at a later stage, it's mandatory, we can provide template (please don't use the online forms). JOB DESCRIPTION The Job Description is "general", as usual in these EU-agencies, where we will learn about the specific focus of the role in the VC interview. TASKS Support the Agency's Information Security Officers in the management of information security and business continuity across organizational business processes and information systems; Develop security controls in the context of the agency's information security framework. Perform risk assessments; Develop Information Security Management System (ISMS)procedures; Develop conceptual, logical and physical security models as appropriate; Draft security policies, standards, procedures and guidelines in accordance with ISO27001; Develop security plans and documentation (eg, risk treatment plans, security test plans); Develop business continuity and disaster recovery plans; Perform security assessments and audits; Perform ISMS control audits; Perform ISMS gap assessments; Design security controls in accordance with agency information security policies and standards; Provide assistance in formal accreditation process for information systems handling EU sensitive and classified information. SKILLS Minimum 4 years of relevant education (master or equivalent) after the secondary school. Minimum 6 years of IT professional experience, of which Minimum 4 years of relevant professional experience in Information Security Management. I SO27001 implementation, management and audit; Relevant standards and good practice in information security management; Risk management; Governance, Risk & Compliance (GRC) practices and controls; ISO27001 security control audits and assessments; Developing security policies, standards and guidelines in accordance with ISO27001 and EU security policies and standards; Design, implementation and assessments of good practice security control frameworks such as SANS Top 20 Critical Controls, OWASP Application Security Verification Standard; Secure development processes (Security and Privacy design); Implementation of EU data protection principles in information system design and processes. Certificates, strongly desired: Certified Information Systems Security Professional ( CISSP ); Certified Information Security Manager (CISM); Certified Information Systems Auditor (CISA); ITIL/ITIL V3; BSI ISO27001 Lead Auditor Qualification. PROVIDER infom consulting is an owner-managed business and consulting firm in Germany. The company supports large corporations and larger SMEs across Europe. Our IT experts are realising projects for the European Institutions, United Nations agencies, International Organisations and multinational companies across the EU. If this sounds of interest, then please get in touch ASAP so we can talk about the role and your experience.
18/04/2024
Project-based
We are looking for one Security Management Specialist/ISO27001-Auditor for STRASBOURG (100% on-site) with EU-passport to start a 3x 1-year contract (extensions possible) for an EU-agency-client. Start date: in 2-3 months or earlier when you have an existing EU-Security-clearance. BACKGROUND Our client is an international organisation and a great reference in any CV! English speaking environment. This role will be 100% onsite in Strasbourg as long the restrictions are lifted. This is a real long-term contract with possibility of extension based on performance and budget availability (initial 220 day contract, where 2x 220 day extensions are foreseen). EU nationals ONLY (due to the "EU" security certifications required). We can't accept any longer UK-consultants, as long they don't have EU-security-clearance or another EU-citizenship (Please note, after Brexit the UK-consultants can't get any longer "EU" security clearances, which is mandatory for this position). Start date in 2-3 months. Earlier when you have an existing EU-security-clearance . We will support your request to get a SC clearance but this application might delay start by some weeks. This position requires "security clearance level: EU SECRET". If the candidate doesn't have a Security Clearance (SC) yet, then he/she can start working, when presenting: - A fresh criminal record (from his/her home country), plus ID-card copy. Our company is holding "FSC - Facility Security Clearance", so we are able to guide/sponsor you through the "PSC - Personal Security Clearance" procedure. The applicants attention is drawn to the important role that the curriculum vitae plays in the evaluation. Curriculum vitae shall illustrate the specific skills relevant to this request. We would like to receive CVs of suitable candidates together with pricing quotations, based on a daily net rate including travel costs for the services described. Europass-CV-format (DOC) will be required at a later stage, it's mandatory, we can provide template (please don't use the online forms). JOB DESCRIPTION The Job Description is "general", as usual in these EU-agencies, where we will learn about the specific focus of the role in the VC interview. TASKS Support the Agency's Information Security Officers in the management of information security and business continuity across organizational business processes and information systems; Develop security controls in the context of the agency's information security framework. Perform risk assessments; Develop Information Security Management System (ISMS)procedures; Develop conceptual, logical and physical security models as appropriate; Draft security policies, standards, procedures and guidelines in accordance with ISO27001; Develop security plans and documentation (eg, risk treatment plans, security test plans); Develop business continuity and disaster recovery plans; Perform security assessments and audits; Perform ISMS control audits; Perform ISMS gap assessments; Design security controls in accordance with agency information security policies and standards; Provide assistance in formal accreditation process for information systems handling EU sensitive and classified information. SKILLS Minimum 4 years of relevant education (master or equivalent) after the secondary school. Minimum 6 years of IT professional experience, of which Minimum 4 years of relevant professional experience in Information Security Management. I SO27001 implementation, management and audit; Relevant standards and good practice in information security management; Risk management; Governance, Risk & Compliance (GRC) practices and controls; ISO27001 security control audits and assessments; Developing security policies, standards and guidelines in accordance with ISO27001 and EU security policies and standards; Design, implementation and assessments of good practice security control frameworks such as SANS Top 20 Critical Controls, OWASP Application Security Verification Standard; Secure development processes (Security and Privacy design); Implementation of EU data protection principles in information system design and processes. Certificates, strongly desired: Certified Information Systems Security Professional ( CISSP ); Certified Information Security Manager (CISM); Certified Information Systems Auditor (CISA); ITIL/ITIL V3; BSI ISO27001 Lead Auditor Qualification. PROVIDER infom consulting is an owner-managed business and consulting firm in Germany. The company supports large corporations and larger SMEs across Europe. Our IT experts are realising projects for the European Institutions, United Nations agencies, International Organisations and multinational companies across the EU. If this sounds of interest, then please get in touch ASAP so we can talk about the role and your experience.