Job Description

Location: London/Norwich- 3 Days a week

JD :                                                                                          
Security Testing Coordinators
The Role
Working within the customer COO Risk and Assurance as part of the Control Testing team, the Control tester will work with internal and external stakeholders which includes customer as well as 3rd party vendors. The focus of the role is to test assets for FRCF testing’s. Assets include internal applications, OS, databases, and cloud servers. 
You will have strong analytical skills in order to articulate capability requirements, identify options, and clearly document the merits of each and will be a ISO 27001 LA certified or similar. You will bring to your knowledge and experience of securing enterprise technologies e.g. Different IT architectures, connectivity and be able to comprehend accordingly.
Duties & Responsibilities
•    Good knowledge on IT General Controls
•    Good Understanding of ISO27001 and 3rd party Audits.
•    Experience in handling complete audit process.
•    Develop effective tracking, follow ups measures and reporting of findings in central system.
•    Working knowledge  on Windows, Linux and AWS. 
•    Knowledge of system wide information security compliance programs 
•    Understanding of complex enterprise systems 
•    Communicate effectively and efficiently internally and with client.
•    Good written and verbal communication
•    Knowledge on latest security trends and practices  
•    Hands on Archer will be preferred. 
Qualifications
•    ISO 27001 LA , CISA or similar 
Experience / Knowledge:
•    Have demonstrable, well-grounded 10+ years of experience in an information security in Governance, Risk and Compliance
•    Proven experience using Information Security Frameworks (e.g. ISF, NIST, ISO) and Data Privacy
•    Previous experience as an auditor 
•    IT General Controls 
•    Domain expertise in three or more areas:
o    Control Testing
o    Application Development and Configuration Development
o    Access Management and recertification
o    Change management. 
o    Finding Management
o    Operating systems 
•    Third party assurance testing 

͏

Do

• Ensuring customer centricity by providing apt cybersecurity 

• Monitoring and safeguarding the log sources and security access
• Planning for disaster recovery in the event of any security breaches
• Monitor for attacks, intrusions and unusual, unauthorized or illegal activity
• Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems
• Conduct security assessments, risk analysis and root cause analysis of security incidents
• Handling incidents escalated by the L1 team in 24x7 rotational shifts
• Use advanced analytics tools to determine emerging threat patterns and vulnerabilities
• Completing all tactical security operations tasks associated with this engagement.
• Analyses all the attacks and come up with remedial attack analysis
• Conduct detailed analysis of incidents and create reports and dashboards

• Stakeholder coordination & audit assistance

• Liaise with stakeholders in relation to cyber security issues and provide future recommendations
• Maintain an information security risk register and assist with internal and external audits relating to information security
• Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues
• Advice and guidance to employees on issues such as spam and unwanted or malicious emails

͏

Deliver

͏

͏