Scope products and solutions and carry out technical security assessments of the various components in complex, critical and diversified information systems.
Review the effectiveness of privacy and security controls, and propose improvements.
Assess security controls using the ISO27001 control framework and map requirements/observations into other security frameworks.
Work with colleagues, third parties and/or contractors across various assurance activities including privacy assessments, security assessments and remediation.
Deliver detailed security and privacy assessment reports to record levels of compliance and record findings in central repositories and progress towards compliance.
Undertake ad-hoc security and privacy admin tasks that form part of the role.
Requirements
Core competencies, knowledge and experience:
Strong expertise in assessment and implementation of technical security standards, policies and controls to ensure security through the product lifecycle.
Strong technical security background in IT and networks, ideally in an architectural, consultancy or assurance role.
Broad knowledge of privacy legislation (GDPR)
Excellent written and oral communication skills
Excellent stakeholder engagement, interpersonal and communication skills.
Able to translate technical risk into business context and pitch and articulate security advice to senior stakeholders.
Must have technical / professional qualifications:
Relevant professional qualifications such as CCNA, CISSP, CISM, CRISC, CISA, NCSC CCP (IISP), ISO27001 Lead Auditor
Demonstrable assessment / assurance or architectural industry expertise in cybersecurity
Practical experience and knowledge of applying OWASP, ISO27001:2013, CSA cloud controls framework, NIST or ISF