As an organisation, you have a choice in how you approach the various compliance and information security frameworks such as PCI DSS, NIST CSF, ISO27001 and SOC2. You can either treat them as a box-ticking exercise that leaves you open to risk, and burdens your employees with unnecessary procedures, or embrace them by tailoring each framework to your organisation and strategy.
If you choose the latter, DCL Search can supply skilled practitioners to guide you through the latest frameworks and their requirements.
Whether you are preparing for an internal ISO27001 audit or need to know the difference between the requirements of A.6.2.1 and A.7.1.1, don’t leave it to chance. Speak to DCL Search.
Contact: Chris Holt +44 7884 666351 / Chris.firstname.lastname@example.org
- Information Security Consultant- SOC2 / ISO27001. REMOTE UK
- United Kingdom
Internal opportunity. UK based. Remote.

Working closely with internal stakeholders to ensure that the internal information security function is delivering best practice and ensuring the business meets SOC2 and ISO27001 compliance.

You must have working knowledge and experience of working within a SOC2 and ISO27001 certified environment. A primary function of this role will be ensuring the business adheres to all audit / compliance requirements of SOC2 and ISO27001.

Your role will include, but not be limited to, the following.

Audit
- Working with external auditors and internal stakeholders.
- Ensuring gaps identified have remediation plans in place.
- Managing risk register.
- SOC2 and ISO27001 audit preparedness.
- SOC2 / ISO27001 internal implementation.

3rd Party supplier risk management
- New and existing supplier reviews, security questionnaires, measuring risk scores etc.

Information Security Standard and Policies
- Maturing information security policies.
- Internal Gap Analysis.

Other
- Business Continuity impact assessments, reviews, improvement.
- Disaster Recovery planning, testing, review.
- Working with vulnerability teams / penetration testing teams to help plan, scope and coordinate patches / remediation.
- Incident reporting / executive summaries.

The business is working to ensure and enhance the adherence to ISO27001 and SOC2 controls. Any experience working within an AWS cloud environment is highly desirable.

Looking to interview immediately. Apply today for more information.