Governance, Risk - Kingston upon Thames, Greater London, United Kingdom - E-Resourcing
Description
Governance, Risk and Compliance (GRC) Analyst - ISO SOX - Audit
Kingston-Upon-Thames, Surrey (3 days per week in the office)
My client, a successful UK-based company, are looking for a GRC Analyst to join them on a permanent basis.
Working in a small Information Security team, this responsible role involves supporting the operation, maintenance and maturity of the Information Security program.
Duties and responsibilities will include:
- Ensuring the protection of information assets and technologies
- Contribution to completion of security-related audits such as ISO27001, ISO27017, NIST-CSF, IASME Governance, SOX
- Conduct and document internal audits
- Manage Third Party Risk Management (TPRM) including vendor security programme reviews
- Contribution to Subject Access Request and eDiscovery processes
You will need:
- Extensive Information Security Governance, Risk and Compliance (GRC) experience as well as InfoSec Operations experience
- Experience contributing to an Information Security Management System (ISMS) certified to ISO27001 standards
- Good knowledge of the Cyber Essentials Plus Scheme as well as UK & EU General Data Protection Regulation (GDPR) and the Data Protection Act (2018)
- The ability to work autonomously and as part of a team, excellent communication skills
Advantageous certifications
- ISO/IEC 27001 Lead Implementer
- ISO/IEC 27001 Internal Auditor
- Security+
- CISM / CISSP
This is an excellent opportunity within a stable organisation dedicated to IT Security.