Company Information: A rapidly growing Cyber Security Consultancy is searching for a Cyber GRC Practitioner to support their existing governance, risk & compliance services to their clients.
Assist in pre-sales engagements, working closely with clients and internal teams to structure cyber governance packages that meet their needs.
Assist with the analysis and design of clients' Information Security Management Systems (ISMS), incorporating legal, regulatory and scheme security requirements.
Support clients in their goal of demonstrating compliance with standards such as ISO 27001, Cyber Essentials, PCI DSS, EU GDPR, etc.
Deliver bespoke cyber governance products (such as Cyber Incident Response Plans) that enhance organisations' ability to manage cyber risk.
Be able to communicate cybersecurity threats and their impact to both technical and non-technical audiences.
Assist with the execution of 3rd party governance audits to ensure controls are appropriate and in line with the required standards, as well as legal, regulatory and client security requirements.
At least 3 years' experience in Cyber or Information Security
Helping to design and implement end-to-end or partial components of an ISMS aligned to legal, regulatory, and other client standards
Data Protection awareness as it relates to information security (GDPR, UK Data Protection Act, CCPA, etc.)
Experience of aligning operational models to and delivering against different governance frameworks (e.g. ISO 27001, MITRE ATT&CK, NIST, NCSC 10 Steps, ISO 27035, ISO 22301, ISO 27005/31000, PAS555, Cyber Essentials, PCI DSS, NHS DSPT, etc.).
The CLARC Guarantee - we 100% guarantee that your CV will never be sent to a client without your prior expressed permission so all of your details are totally secure with us.