Cyber Governance, Risk & Compliance Practitioner
A rapidly growing Cyber Security Consultancy is searching for a Cyber GRC Practitioner to support their existing governance, risk & compliance services to their clients.
- Assist in pre-sales engagements, working closely with clients and internal teams to structure cyber governance packages that meet their needs.
- Assist with the analysis and design of clients' Information Security Management Systems (ISMS), incorporating legal, regulatory and scheme security requirements.
- Support clients in their goal of demonstrating compliance with standards such as ISO27001, Cyber Essentials, PCI DSS, EU GDPR, etc.
- Deliver bespoke cyber governance products (such as Cyber Incident Response Plans) that enhance organisations' ability to manage cyber risk.
- Be able to communicate cybersecurity threats and their impact to both technical and non-technical audiences.
- Assist with the execution of 3rd party governance audits to ensure controls are appropriate and in line with the required standards, as well as legal, regulatory and client security requirements.
- At least 3 years' experience in Cyber or Information Security
- Helping to design and implement end-to-end or partial components of an ISMS aligned to legal, regulatory, and other client standards
- Data Protection awareness as it relates to information security (GDPR, UK Data Protection Act, CCPA, etc.)
- Experience of aligning operational models to and delivering against different governance frameworks (e.g. ISO 27001, MITRE ATT&CK, NIST, NCSC 10 Steps, ISO 27035, ISO 22301, ISO 27005/31000, PAS555, Cyber Essentials, PCI DSS, NHS DSPT, etc.).
The CLARC Guarantee - we 100% guarantee that your CV will never be sent to a client without your prior expressed permission so all of your details are totally secure with us.