Cyber Security Auditor

Dovetail Human Resource Specialists

Job Role: Cyber Security Auditor
Location: Basingstoke (With UK Travel)
Salary: Competitive

We are seeking a knowledgeable Cyber Security Auditor to join a professional team working within an environment that is varied and focused on personal development and autonomy. 

The team is at the cutting edge of its industry, offering exceptional service and expertise to its clients on Security Strategy, Incident Response, Investigations, Cyber Essentials, ISO27001, IASME governance and many other compliance standards.

You should be a good communicator, enthusiastic and eager to learn. This is a client-facing job and you will be required to travel extensively around the UK. Therefore, you should have a valid UK driving licence.

Due to the nature of our work, you will be expected to maintain high security and confidentiality of data.

You should ideally have one or more of the following or equivalent qualifications: CREST/TIGER accreditation, C-EH, OSCP, CPP SIRA, CISA, CISSP.

Key Responsibilities:
  • Undertake risk assessments to an external standard, with knowledge of multiple platforms and technologies, including cloud solutions
  • Analysis and/or Audits in either Cyber Security or Information Assurance
  • Advise on or implement established governance processes and frameworks to bring the best possible value-add solutions to clients
  • Implement Business Continuity Planning and Incident Response Procedures, with knowledge of SIEM tools and techniques
  • Apply a management system and develop an information security management plan.
  • Implement or audit ISO27001 standard
  • Write bespoke policies and procedures
  • Create data flow maps and process flow charts
Qualifications:
One or more of the following:
  • ISO 27001 Lead Auditor / Lead Implementer
  • CISA, CISSP, CRISC, CGEIT, IIA’s CIA
  • GIAC Systems and Network Auditor
  • Masters in IT Security
  • IRM qualifications
  • BCS Practitioner Certificates
  • CPP SIRA
  • CCSK
  
Technical skills/ experience:
One or more of the following areas:
  • Good knowledge of security management systems, governance & international standards
  • Broad understanding of management of cyber security risk, tools and techniques
  • Minimum 2 years of client-facing experience in the IT Audit/GRC domain
  • Broad understanding of IT and security risks, tools and techniques, privacy and data security laws and standards
  • Experience of working with suppliers on data security, internal reviews/audits and follow-up
  • Conducting risk assessments, creating compliance policies and procedures
  • Liaising with businesses/regulators to resolve any issues of non-compliance
Essential Professional skills:
  • Proficiency in application of Information Assurance methodologies and analysis frameworks in a range of scenarios
  • Ability to gather data, compile information, and prepare professional reports.
  • Ability to communicate with and understand the requirements of clients.
  • Fluent in written communications and able to articulate complex issues in plain language.
  • Ability to conduct effective research, using literature and other media.
  • Flexible attitude and ability to perform under pressure
  • Ability to work independently and to take responsibility
  • Maintain a productive, professional and secure working environment
  • Ability to interpret written requirements and technical specification documents