Job Title: Information Security Officer
Location: Exeter - Fully Remote
Salary: £65,000 - £70,000 + benefits

Are you an experienced Information Security Officer looking for your next challenge? If so, this could be the ideal opportunity for you.

My client, a specialist financial services business with an excellent reputation, is currently investing within their Information/Cyber Security team. As part of this investment, they are looking to hire an Information Security Officer to join the team.

Reporting directly into the CISO you will provide the specialist expertise to maintain and support IT security strategies by managing the overall IT security governance and compliance processes, ensuring that effective IT security controls and processes are being implemented across the business. They are also undergoing a major transformation programme at the moment and the role will be instrumental in supporting the projects by providing project assurance from an information security perspective.

Key responsibilities
To probe systems and processes to ensure appropriate controls are applied.
Provide security advice based on best practice to IT or Systems Owners.
Evaluation and risk assessment of new suppliers, software, systems or technologies.
Annual security reviews and risk assessment of IT suppliers.
Perform penetration testing.
Analyse IT requirements and provide objective advice on best practice IT security.
Identify and mitigate network vulnerabilities.
Research/evaluate emerging cyber security threats and ways to manage them.
Plan and test for disaster recovery, business continuity and create contingency plans for the event of any security breaches.
Monitor for attacks, intrusions and unusual, unauthorised or illegal activity.
Identify any gaps in controls on systems eg Active Directory, Intune, AWS, etc.
Control use of software libraries by developers and ensure vulnerabilities identified are resolved.
Conduct personalised Security Training for different employee groups.
Conduct internal audit under CISO supervision.
Investigate security alerts and provide support for incident response.
Maintain an information security risk register and assist with internal and external audits relating to information security.
Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues.
Review and refine IT security controls to ensure that they are appropriate to mitigate underlying resilience and residual risk.
To influence and manage IT security development best practices on the codebase for both internal and external development teams.
To design the security architecture topology, making sure it is part of the Service management framework.
To oversee all ongoing activities related to the development, implementation, and maintenance of information security policies and procedures by ensuring these policies and procedures encompass the overall security of information at rest or in transit within the systems.
To ensure vulnerabilities are managed by directing periodic internal/external penetration tests using ethical hacking.
Upon request of the CISO, to deputise any meetings as necessary to prioritise recommended improvements.

Skills and Experience required
Proven background within a similar Information Security Officer position.
Proven background within Information Security using proven methodologies with external resources.
Information Security certification (CISSP, CEH, CISM, etc)
A strong knowledge of ISO27001 and Cyber Essentials +
Systematic problem-solving approach, coupled with a strong sense of ownership and drive.
The ability to explain the risk of security threats and creating mitigations.
Experience with securing cloud-based services such as Azure or AWS.
A good understanding of GDPR standards and practices.
Excellent written and verbal communications skills as appropriate for the needs of the audience.

For more information or to apply please send a copy of your CV to (see below)
26/04/2024
Full time
Position Available : Commercial Contracts Officer
Location : Hertfordshire (Hybrid) & Dynamic Working Hours
Salary : Up to £50,000 + Bonus & Very Good Pension Package
Experience needed : Experience of drafting & managing contracts, negotiating terms, ensuring compliance, and mitigating risks related to commercial agreements. The ideal candidate will come from a defence or aerospace environment or have had some experience working on or with Ministry of Defence contracts.

About the role
We are a leading defence company who are at the forefront of innovation in the industry and your work will have a direct impact on the safety and security of the UK & our allies. We are currently hiring several commercial contract officers to join our team who are responsible for maximising business opportunities through strategic planning and playing a pivotal role in securing new contracts.

In this role, your responsibilities will encompass driving the full contract process, which includes bidding, cost management, and contract negotiations. You will be tasked with drafting and negotiating bespoke contract terms, ensuring they comply with the MoD structure, and creating confidentiality, loan, license, and NDA agreements for approval. Additionally, you will play a crucial role in ensuring the successful delivery of contracts by reviewing deliverables and acceptance criteria. Building and nurturing collaborative relationships with customers will be essential, and you will act as the primary point of contact for contractual information and agreements. Effective communication with stakeholders at all organisational levels will be key to success in this position, and you will also be expected to represent the commercial team in progress/reviews and customer meetings.

What we need from you:
Experience of drafting, negotiating and agreeing contracts and agreements
A confident communicator, both orally and in writing
Comfortable building effective working relationships
Strong attention to detail and analytical in approach
Defence knowledge and familiarity with MoD contracting structure, including DEFCONs and QDCs, is an advantage

If you would like to know more details about the position or want to register your interest, hit apply below. We'd love to hear from you!
26/04/2024
Full time
Information Technology Governance and Privacy - Financial Industry
SALARY: $115k - $120k plus 15% bonus
LOCATION: Chicago, IL Hybrid 3 days onsite and 2 days remote

Looking for candidate with information technology data governance to support development and implementation of information governance data protection.

The Associate Principal, Information Governance and Privacy (reporting to the Privacy and Data Protection Officer) is responsible for supporting the development and implementation of information governance, data protection, and privacy program. This includes supporting the development of strategies, policies, procedures, and controls related to the governance and protection of information throughout its life cycle. This role will focus on compliance with applicable regulatory and legal rules and requirements (ie SEC-Regulation SCI, CFTC-System Safeguards, etc.) as they relate to information including support of regulatory exam and Internal Audit remediation planning, tracking, and mitigation.

Qualifications:
Strong interest in understanding and solving data challenges with experience in information governance, data protection, and privacy policy
Knowledge of and work experience with enterprise systems, networks, databases, and other technical domains
Strong attention to detail, customer orientation, communication, and presentation skills including the ability to listen and quickly translate business needs into solutions and build effective working relationships
Strong experience in building the capabilities for auto data classification, data security and data protection.
Experience with classification standard definitions and settings
Experience with Privacy requirements and work with personal information and its protection
Strong strategic thinking, problem solving, and analytic skills
Utilize metrics as means to improve performance
Ability to adapt to change in emerging environments and work across multiple areas
Experience in developing policies and procedures
Experience in project management, project execution, and managing multiple priorities in a timeline driven environment
Experience working in a highly regulated environment including an understanding of audit and compliance requirements
Understanding of and interest in technology selection and implementation
Experience in Information Security related policy, procedure and control writing

Technical Skills:
Office 365 (Word, Excel, PowerPoint)
Experience with systems supporting Compliance, Risk, Audit, Privacy, and Management such as ServiceNow, Archer, etc.
Project/Program Management
Business Intelligence tool experience

Education and/or Experience:
Bachelor's degree or higher in information management, information systems, law, computer science or BA/BS in another discipline with equivalent experience
5 or more years of applicable work experience
Previous work with information or data governance control activities in the financial services industry.
Experience in the financial services industry
25/04/2024
Full time