Information Security Assurance Specialist
On site
South East England, United Kingdom
£ 650 / day
Freelance
30-10-2024
Job Specifications
Information Security Assurance Specialist
Contract - Inside IR35 - £500 - £660 P/D
Hybrid - Occasional Travel to Locations in SE
Please only apply to this role if you can commit to occasional travel to multiple locations within the South East.
I'm working with with one of our key clients who after undertaking a widespread overhaul of their 3rd party contract clauses have an urgent requirement for 2x Information Security Assurance Specialists, one role will be primarily working with an IT environment and one within their OT estate.
Requirements for the role:
- Previous experience as a Information Security Assurance Specialist
- Familiar and knowledgeable around CAF
- Great communication - You need to be clear, concise and able to handle 'push back' from stakeholders
- Strong Negotiation skills
Your responsibilities focus on enhancing cybersecurity measures within supplier contracts, especially in relation to the NIS enhanced Cyber Assessment Framework (eCAF) and NIS 2 regulations.Key Responsibilities:
Cybersecurity Clause Review:
Update standard cybersecurity clauses to align with eCAF and best practices.
Supplier Security Posture Assessment:
Assess the cybersecurity posture of our suppliers.
Review existing supplier risk assessments and contracts to identify gaps.
Contract Recommendations:
Suggest modifications to supplier contracts to strengthen cybersecurity provisions.
Review and propose changes to contracts and SLAs to ensure compliance with eCAF and NIS 2.
Compliance Monitoring:
Develop systems and processes for monitoring adherence to cybersecurity clauses.
Conduct regular reviews of suppliers to ensure they meet cybersecurity standards.
Collaboration:
Work with third parties, risk management, procurement, and legal teams to implement contractual changes.
If this role sounds like a good fit, then please apply below!
About the Company
TRIA is a founder-led organisation that accelerates digital transformation, unlocks technology potential, and gives your business a competitive advantage through end-to-end strategic consultancy services and recruitment solutions. Whether you are looking to source talent and scale technology teams or deliver full projects to precise work packages and deliverables, TRIA aligns with your goals, minimises risk, and delivers you sustainable and meaningful services that drive results. It’s our responsibility to use our position... Know more
Related Jobs
- Company Name
- TEKsystems
- Job Title
- Information Security Analyst (GRC)
- Job Description
- Responsibilities Assist regional Information Security and IT Risk managers with routine review and approval activities. Provide expert assistance for resolving technical security issues. Conduct security and IT risk reviews, walkthroughs, and assessments to identify and implement appropriate controls to mitigate risks. Maintain and expand expert knowledge on all aspects of Information Security, IT Risk management, and the security posture adopted. Manage the day-to-day operations and effectiveness of security-related programs and initiatives. Assess costs associated with potential threats and implement solutions to minimize risks. Review risk-related standards, policies, and regulations both internally and regionally. Complete regulatory risk reporting. Essential Skills Strong knowledge of Windows, networks, databases, and basic security principles. Ability to extract key operational information from unstructured data. Broad technical expertise, preferably gained in a Capital Markets environment. Additional Skills & Qualifications Previous experience in Information Security and IT Risk management. Technical proficiency with Tableau, MS365, IT security, and cyber security. Enjoys learning and is willing to admit and correct mistakes. Able to make decisions based on limited information. Attention to detail and advanced interpersonal skills. Why Work Here? Opportunities to progress within the company in a fast-paced environment. Work Environment The role operates in a dynamic and fast-paced environment. You will be working with a variety of technologies and equipment, ensuring that the organization's assets are protected and compliant with relevant standards and regulations. Job Type & Location London, 2 days a week Location London, UK Rate/Salary 350.00 - 375.00 GBP Daily Trading as TEKsystems. Allegis Group Limited, Bracknell, RG12 1RT, United Kingdom. No. 2876353. Allegis Group Limited operates as an Employment Business and Employment Agency as set out in the Conduct of Employment Agencies and Employment Businesses Regulations 2003. TEKsystems is a company within the Allegis Group network of companies (collectively referred to as "Allegis Group"). Aerotek, Aston Carter, EASi, Talentis Solutions, TEKsystems, Stamford Consultants and The Stamford Group are Allegis Group brands. If you apply, your personal data will be processed as described in the Allegis Group Online Privacy Notice available at our website. To access our Online Privacy Notice, which explains what information we may collect, use, share, and store about you, and describes your rights and choices about this, please go our website. We are part of a global network of companies and as a result, the personal data you provide will be shared within Allegis Group and transferred and processed outside the UK, Switzerland and European Economic Area subject to the protections described in the Allegis Group Online Privacy Notice. We store personal data in the UK, EEA, Switzerland and the USA. If you would like to exercise your privacy rights, please visit the "Contacting Us" section of our Online Privacy Notice on our website for details on how to contact us. To protect your privacy and security, we may take steps to verify your identity, such as a password and user ID if there is an account associated with your request, or identifying information such as your address or date of birth, before proceeding with your request. commitments under the UK Data Protection Act, EU-U.S. Privacy Shield or the Swiss-U.S. Privacy Shield.
- Company Name
- Crimson Limited
- Job Title
- Senior IT Security Officer - London
- Job Description
- Senior IT Security Officer - London Inside IR35 - £575 - £625 6 Months Hybrid working (1-2 days per week on-site) Senior IT Security Officer required for a leading client based in Central London. My client is currently seeking a Senior IT Security Officer to come on board to manage the Identity & Access Management (IAM) pillar within the IT Security, Compliance & Identity function, encompassing IAM-related standards, processes, and technologies. This role requires leveraging an understanding of business objectives and security needs to define challenges and establish priorities for both internal and external delivery teams. Key skills and responsibilities, Previous IT Security experience Previous Security Management experience Proven experience in managing domain services, including Active Directory (AD) and Azure Active Directory. Skilled in managing authentication and authorization across Cloud and On-Prem environments, with expertise in protocols such as LDAP, SAML, OAuth, and MFA, along with a strong track record in implementing SSO. Proficiency with PowerShell and automation tools. Experienced in designing and implementing secure systems, with the ability to lead reviews on complex security challenges when needed. Lead the management and strategic direction of Directory Services alongside the Product Owner. Familiarity with IT service frameworks, methodologies, and best practices such as ITIL v4 and Agile. Broad knowledge across various IAM capabilities (eg, Security Groups, JML, IGA, PAM, RBAC). Strong understanding of Microsoft IAM functionalities Oversee and drive delivery across Azure Active Directory (Entra ID) and Active Directory, serving as the Product Manager for these platforms. Support, facilitate, and oversee data assurance processes and controls across IAM, including backing the automation strategy and audit processes. Manage health and performance activities within the Directory Services function. Lead the authentication and authorization capabilities by defining requirements, establishing controls, and implementing technology to enhance value and mitigate risks. Direct the development and upkeep of IAM standards, procedures, and documentation. Interested? Please submit your updated CV to (see below) for immediate consideration. Not interested? Do you know someone who might be a perfect fit for this role? Refer a friend and earn £250 worth of vouchers! Crimson is acting as an employment agency regarding this vacancy
- Company Name
- Stott and May
- Job Title
- Senior Security Officer (IAM) | £575-£625 | Birmingham
- Job Description
- Senior Security Officer (IAM) | £575-£625 per day | Inside IR35 | 3-6 months Role: Senior Security Officer (IAM) Day Rate: £575-£625 per day Type: Contract Location: Remote IR35 status: Inside My client has an urgent requirement for a Senior IAM Officer on a 6 month contract (Inside IR35). 1 stage interview process! Key responsibility is the effective management of the IAM pillar within the IT Security, Compliance & Identity function and lead the delivery across Azure Active Directory (Entra ID) and Active Directory. This role is 1/2 days per week onsite in Birmingham or London and the daily rate on offer is £575-£625 per day. If you are interested in the Senior Security Officer (IAM) position, please apply with an up to date CV as soon as possible. Senior Security Officer (IAM) | £575-£625 per day | | Inside IR35 | 3-6 months
- Company Name
- Harvey Nash
- Job Title
- Security Consultant- Penetration Testing
- Job Description
- One of our global client is looking for a Penetration Tester to work remotely. If you are available and interested in this opportunity, please reply with your latest CV and best available time to discuss this. Below is the job specs for your reference; Job Title: Security Consultant Location: Remote Duration: ASAP until Dec 31st, 2024 Top Responsibilities: Delivering web application penetration tests to clients, creating reports, Carrying out security testing/coordinating with client's manager/report writing. Project: Cover for penetration testers on paternity leave, delivering web application penetration tests to clients. Top Required Skills: Computer Science or similar degree, Penetration testing certifications such as CRT, OSCP, OSCE, OSEE, SANS certifications. Consulting experience