Home
Jobs
Allen Lane Ltd.
Information Security Assurance Lead

Information Security Assurance Lead

On site

London, United Kingdom

£ 90,000 / year

Full Time

17-01-2025

Share this job:

Score my CV

Job Specifications

Information Security Assurance Lead
Salary: £75,000-£90,000 (London) | £65,000-£80,000 (National)
Location: London, Edinburgh, Leeds - hybrid working available (40% office, 60% WFH).

Allen Lane is supporting a public sector organisation in their search for an Information Security Assurance Lead, sitting within the organisation's Cyber and Information Resilience department.

As an Information Security Assurance Lead, you will:
Assist the Operational Assurance Manager in developing cyber assurance strategy, defining goals to align with Cyber and Information Resilience Strategy and framework.
Oversight and monitoring of the department's security strategy, implementing preventative measures to protect sensitive data and to comply with regulations.
Develop effective mitigation strategies for critical cyber and privacy risks.
Lead on the end-to-end delivery of key workstreams mainly, third party risk assessment, post-incident review, threat and vulnerability assessments, security assessment (red teaming), penetration testing.
Enhance third-party cyber risk monitoring (using a tool) and service-driven assessments with analytical/ qualitative/ quantitative methods to simplify processes amidst cloud vendor changes and evolving cybersecurity needs.
Assure and report on cyber threats and security vulnerabilities that impact supply chain performance by implementing security by design capabilities and compliance automation.
Leading and managing an operational team with technical expertise, fostering Agile practices to build high performing cross functional team.

Criteria:
Proven experience of leading security or assurance teams, and operating Information Security/Assurance Frameworks and Services.
Ability to effectively communicate to senior stakeholders, translating technical issues for clear recommendations.
Experience of a hands-on role involving pen testing, 3rd party security assessment and vulnerability assessment activities of complex suppliers, applications and operating systems.
Demonstrate strong operating knowledge of NIST 800, OWASP, ISO27001 and data protection.
Ability to plan strategically, arrange and consolidate resources in order to deliver assurance services to achieve assurance objectives.
Demonstrable experience fulfilling leadership duties of technical and non-technical staff to drive the information assurance agenda.

The successful candidate will hold or will be required to obtain Security Clearance (SC) level vetting.

Applicants are required to provide a tailored CV to be considered. A comprehensive job description and personal specification is available.

Employee benefits include: 25 days annual leave (plus bank holidays), private healthcare, life assurance (8x basic salary), income protection.

About the Company

Allen Lane is a specialist boutique consultancy, recruiting finance, IT, procurement and project management professionals into the public and not-for-profit sectors. Established in 2004 we offer a fresh, unpretentious approach to recruitment founded on relationships and exceptional customer service. Know more

Related Jobs

Company Name: Thrive IT Systems
Job Title: Fullstack Network Engineer
Job Description: Full Stack Network Engineer We are seeking a highly skilled Full Stack Network Engineer to join our IT team, This role demands a deep understanding of both front-end and back-end networking technologies, encompassing the design, implementation, and maintenance of comprehensive network infrastructures. The ideal candidate will be adept at solving complex networking challenges, ensuring optimal performance, security, and scalability of our network systems. Key Responsibilities Design, implement, and manage network infrastructure including routers, switches, firewalls, and load balancers across various platforms. Familiar with circuit ordering and DWDM deployments Familiar with Nexus 7k / Cisco 6500 environments and (possibly arista but not essential) Ability to document and map in detail all connectivity on site to be used to identify business areas / stakeholders and used as a basis to produce a runbook for migration tasks. Develop and maintain automation scripts to streamline network operations and ensure consistency across environments. Collaborate with cross-functional teams to understand application requirements and translate them into network solutions. Ensure network security by implementing industry-best practices and conducting regular vulnerability assessments. Troubleshoot and resolve network-related issues in a timely and efficient manner. Stay abreast of the latest networking technologies and trends and recommend upgrades and improvements to keep our network infrastructure at the cutting edge. Provide technical leadership and mentorship to junior network engineers. Document network designs, configurations, and operating procedures. Skills and Qualifications: Bachelor’s degree in computer science, Information Technology, or a related field. Proven experience as a Full Stack Network Engineer or similar role, with a strong portfolio of successful network infrastructure projects. Expertise in network architecture and engineering, including TCP/IP, DNS, VPN, LAN/WAN, and QoS. Proficient in network automation tools and scripting languages such as Python, Ansible, or Terraform. Strong knowledge of network security protocols and best practices. Excellent problem-solving skills and the ability to work under pressure. Outstanding communication and teamwork skills. Excellent Microsoft Office and Visio skills. Relevant certifications (e.g., CCNA, CCNP, JNCIA, JNCIS) are highly advantageous

Sheffield, United Kingdom

On site

Full Time

30-01-2025

Company Name: BSI
Job Title: Test Technician - IoT/Hardware Security
Job Description: Great that you're thinking about a career with BSI! Job Title: Test Technician - IoT/Hardware Security Location: Hemel Hempstead Job Type: Permanent, Full-time Salary: Dependant on Experience Are you an experienced cyber security professional seeking a diverse and meaningful career in IoT cyber security standards? With exposure to an array of smart home and connected IoT devices, your role as our Test Technician for IoT/Hardware Security will involve conducting security testing of IoT smart devices for our global clients, to ensure products meet security compliance to the relevant regulatory cybersecurity schemes under type test and audit tests. To be successful in this role you will bring experience across device/hardware cybersecurity, debugging interfaces, wireless & wired communications (WIFI, Bluetooth, Ethernet, ZiBee, Z-Wave etc), firmware reverse engineering, and source code analysis. Key Responsibilities Testing IoT product samples in line with KPI budget. Assist to maintain and improve test techniques for the IoT laboratory. To Research and identify new potential test equipment for the IoT laboratory. Ensure that test SMOs are booked, time sheeted and billed correctly. Support the maintenance of The UKAS accreditation for the IoT laboratory, ensuring that compliance processes are established, implemented, and maintained and ensuring that they continue to meet accreditation requirements and remains effective, efficient and fit for purpose. To provide technical assistance with BSI customers, during any potential certification journey. To manage client’s samples and testing to ensure that agreed timelines are met for the testing of samples. To assist in the maintenance and continuous improvement on automated reporting tools. Required Skills & Experience Experience managing and operating Linux and Windows systems. Experience in Hardware (electronics) cybersecurity testing. Experience in infrastructure cybersecurity testing. Familiarity with compliance cybersecurity standards, such as: ETSI EN 303 645 / TS 103 701 IEC 62443-4 OWASP ASVS / MASVS Familiarity / Experience with standards for competence of testing and calibration (EN ISO/IEC 17025). Some demonstrable practical experience with IoT devices/applications. Some practical experience with at least one high level programming language. Experience / Familiarity with Professional technical report writing. Good communication skills and the ability to write clear and concise reports. Desirable Skills & Experience Knowledge / experience in Industrial Control systems (Cybersecurity aspects). Knowledge / experience in any of the following communication technologies: Mobile (2G/3G/4G/5G) Bluetooth. ZigBee Z-Wave Lora WAN NB-IoT Experience with working with front-end and back-end systems Experience of: CREST (any from the Incident response family) Offensive security (PEN-200, PEN-210, PEN-300) Cyber-Scheme (CSFL, CSTM, CSTL) BSI offers a competitive total reward package, an independent and varied job in an international environment, flexible working hours, ongoing training, and development with the inclusion of Annual Bonus, Contribution Based Pension, Private Healthcare, 27 Days Annual Leave + Bank Holidays, Life Assurance. Do you believe the world deserves excellence? We are proud to be the business improvement company for other organisations to become more sustainable and resilient and finally to inspire trust in their products, systems, services, and the world we live in. Headquartered in London, BSI is the world's first national standards organization with more than 100 years of experience. We are a global partner for 86,000 companies and organizations in over 193 countries, offering development, auditing, certification, and training services, including innovative software solutions and cyber security expertise for all industries: from aerospace and automotive to food, construction, energy, healthcare, IT and trade sectors. Incorporated by Royal Charter, we’re truly impartial, and home to the ultimate mark of trust, the Kitemark. Through our unique combination of consulting, training, assurance, and regulatory services we bring solid and broad knowledge to every company. If you want to contribute to this inspiring challenge, bring your open and enthusiastic mindset to our dynamic team, apply now and become part of the BSI family! D&I Policy BSI is committed to ensuring the diversity of our workforce reflects that of our clients and the communities in which we operate. Our goal is to create a sense of belonging for all employees by providing opportunities to develop, grow, and engage with our global organization all while having fun doing great work. BSI is a community where everyone can thrive. If you require any reasonable accommodations to be made on account of a disability or impairment throughout out our recruiting process, please inform your Talent Acquisition Partner. Our Excellence Behaviours: Client-centric, Agile, Collaborative. These three behaviours represent how we do things at BSI. They help us ensure that BSI is a great place to work and a highly successful business. BSI is conducting face-to-face interviews where appropriate and possible. If you are invited to a face-to-face interview but feel more comfortable with conducting the interview virtually, please speak to a member of our recruitment team.

Hemel Hempstead, United Kingdom

On site

Full Time

27-01-2025

Company Name: Hamilton Barnes
Job Title: Security Consultant
Job Description: An established leader in the cybersecurity industry is expanding its team of Information Security Advisors to support its growing client base in the EMEA region. With access to cutting-edge tools, a globally recognized team of experts, and a focus on innovation, this is an incredible opportunity to make an impact in the fight against cyber threats. Be the primary security expert for your clients, offering clear communication and effective solutions. Advise clients on the evolving threat landscape and recommend strategies for threat detection and prevention. Work extensively with SIEM solutions such as Splunk, QRadar, and Microsoft Sentinel. Utilize frameworks like MITRE ATT&CK for threat hunting and building use cases. Conduct security assessments and recommend improvements tailored to client needs. Collaborate with a global SOC team to ensure the seamless implementation of security measures. Use Power BI for data visualization and reporting. Stay ahead of emerging trends and technologies in cybersecurity. Problem-solving skills to tackle complex security challenges with actionable advice. Expertise in information security operations, project management, and network security. Proficiency in tools like SPL (Splunk) or KQL (Sentinel) for data analysis. Strong knowledge of cybersecurity areas such as networking, threat hunting, vulnerability management, incident response, and security architecture. Fluent English to build strong relationships and communicate effectively with stakeholders. A proven track record in reducing security risks, managing incidents, and mitigating vulnerabilities in complex environments. 5+ years of experience in a Senior SOC role or consulting Experience with Sentinel or Splunk Experience with SIEM. EDR, firewalls. Security certifications such as CISSP, GIAC, Security+, or platform-specific credentials like Splunk Enterprise Certified Architect. Salary: £85,000-£110,000

Company Name: Betway Group
Job Title: IT Security Engineer
Job Description: Who we are We’re part of Super Group, the NYSE-listed digital gaming company behind some of the world’s leading Sports and iGaming brands. At Betway, we’re driven by our shared vision to become the global leader in the online sports betting and casino industry. Our people are forward-thinking team-players who thrive on a collective diversity of skills and backgrounds. Founded in 2006, our teams in Guernsey, London, Malta, Germany, Portugal and Spain and are constantly expanding and evolving. Who we’re looking for We’re on a thrilling journey of growth and innovation, and we need passionate, driven individuals to join us. At Betway, every day is action-packed, and we expect you to bring your A-game. In return, you’ll find a supportive environment where your skills can flourish and your career can soar. Ready to become a game-changer? Supercharge your career with us and be part of something extraordinary. Why we need you We’re on a mission to create extraordinary experiences for our customers, and we believe that your unique skills, passion and superdrive will help us achieve our vision. As an IT Security Engineer you’ll be responsible for maintaining, evaluating and testing the security of our systems. You will assist with the ongoing protection of digital assets, and the maintenance and expansion of the security architecture. This will be completed via the implementation of applicable and well managed security controls by employing a process driven approach to tasks. You will be able to practice due care throughout your daily tasks ranging from ensuring the success of our data loss program to providing expert security guidance to the entire IT operations team. Further, the IT Security Engineer should be capable of providing best practice and guidance to our wide-ranging user base. What you’ll be doing As part of your role, your responsibilities will include: Security Strategy and Governance: -Determining appropriate levels of security controls, systems monitoring, and conduct security audits -Assisting in managing the development and implementation of security policies, standards, guidelines, and procedures -Working with outside consultants for independent security reviews and compliance audits -Assisting the Information Security Team with awareness training on information security standards, policies, and best practices Security Operations and Incident Response: -Developing, implementing, and monitoring security measures for the protection of systems, networks, and information -Responding to various requests logged by the business and act as a point of escalation for security issues -Assisting other technology teams with prioritizing patches and security fixes. -Reviewing security logs and analytics to identify and respond to potential security incidents -Leading investigations into suspected attacks and data breaches Security Solutions and Tools: -Enhancing configuration of security solutions to optimise their effectiveness and automate repetitive tasks -Completing third-party and application assessments to identify potential security risks and vulnerabilities -Maintaining existing security systems, controls, and documentation to a high standard Reporting and Documentation: -Providing comprehensive reports, including assessment-based findings, outcomes, and propositions for further system security enhancement -Maintaining documentation to a high standard, ensuring accurate and up-to-date records Security Collaboration and Leadership: -Acting as a business enabler, collaborating with various teams to prioritize security advisory -Working with cross-functional teams and outside consultants to ensure effective security collaboration. This job description is not intended to be an exhaustive list of responsibilities. You may be required to complete other reasonable duties in order to achieve business objectives. Essential skills you’ll bring to the table The necessary skills that we require for this role include: Strong verbal and written communication skills, with the ability to convey complex ideas clearly and effectively Experience working collaboratively in cross-functional teams, with a focus on achieving shared goals Expertise in managing multiple projects simultaneously, with a track record of delivering on time and within scope Exceptional attention to detail, ensuring high standards of quality in all outputs Ability to adapt quickly to changing environments and priorities, maintaining effectiveness in dynamic situations Detailed technical knowledge of threats, vulnerabilities, attack methods, and infection vectors Experience in securing cloud environments, including knowledge of cloud security architecture and best practices Experience working with on-premises and cloud (hybrid) security systems, such as firewalls, intrusion detection/prevention systems, and SIEM tools Experience working with networking and security controls across all OSI layers Ability to effectively detect, investigate, and respond to security incidents in line with incident response frameworks and methodologies Understanding of security frameworks, standards, and regulations (e.g., ISO 27001, PCI DSS, NIST, GDPR) Understanding of secure coding practices and web application vulnerabilities Understanding of security policy development and implementation Proactive approach, ability to analyse complex security issues and develop effective solutions Desirable skills you’ve got up your sleeve It would be great if you also have some the following skills: In-depth knowledge of sports betting markets, including odds calculation, betting types and market trends Previous experience in the online gaming or casino industry, with a strong understanding of player behaviour and industry regulations Familiarity with gambling regulations and compliance requirements in various jurisdictions, ensuring adherence to legal standards Experience in developing and executing customer retention strategies Microsoft: Azure Security Engineer Associate (AZ-500) or equivalent accreditation Experience working with geographically dispersed systems Comprehensive experience of working in a gaming and gambling environment Experience working within a regulated environment Our values are non-negotiables Our culture is underpinned by core values that are linked to key behavioural competencies. Along with the below behavioural competencies, these are essential for all employees in order for you to embed in and drive our culture forward. These competencies are: Adaptability Ownership and accountability Initiating action Resilience Team orientation Integrity Innovation What you’ll get back We offer a great variety of personal and professional benefits to help you thrive at Betway and Super Group. This includes: We’re dedicated to your supergrowth. Our comprehensive learning and development programmes give you a range of resources and opportunities to expand your skills and advance your career. Your hard work and achi...

London, United Kingdom

On site

Full Time

17-01-2025