Security Controls Specialist

4596413

View Saved Jobs

Save Job

Job type
Permanent
Location
Edinburgh
Working Pattern
Flexible Working,Full-time
Specialism
Cyber Security
Industry
Technology & Internet Services
Pay
£45,000 to £58,000 (DoE) + Bonus

Share Job

IT Risk, Information Security, Information Assurance, ISO27001, NIST, Technical Controls, Controls Testing

Security Controls Specialist

Permanent Salary: £43,000 to £58,000 (DoE)

Location: Edinburgh

Working Arrangement: Hybrid – 2-3 days on site

Your new company:

I’m currently looking for multiple security controls specialists to work for a modern financial institution to assist with the maintenance, enhancement and assurance of technical controls (ITGC and ITAC) during a period of rapid change. The ideal candidate will have a financial services background, experience driving and testing first line IT controls, and may have come from an information security, audit or risk background with the relevant framework knowledge that comes with this role type (NIST, ISO27001).

This role involves:

Technical control monitoring, testing and enhancement

Testing business-wide security controls against an annual schedule

Supporting information assurance partners

Scheme attestations – thorough reviews of control statements

Supporting technical operations, supplier management and operational resilience teams on risks, with the view to creating, driving and providing assurance on preventative, detective and directive technical controls

Working with key stakeholders and embedding your understanding of information security from a controls perspective

Taking ownership of assurance activities pertaining to technical controls

Working from within the first line of defence (1LOD) on the continual enhancements of technical controls using your knowledge of contemporary risks and the controls to mitigate, escalate or accept them.

What I’m looking for

A background in financial services, fintech or accountancy / consultancy sector environments working on technical IT controls and IT risk

Knowledge of what a good control looks like alongside the knowledge and ability of how to effectively test controls

Understanding of core technology and information security frameworks (NIST, ISO27001)

Excellent articulative ability

Demonstrable experience working within IT audit, IT risk management, technical controls testing/management or IT assurance related roles

Experience testing controls and enhancing information security and IT risk policies

Relevant industry certifications are desirable, as is the drive to achieve them.

Willingness to learn

What you'll get in return:

£43,000 - £58,000 per annum

Performance Bonus

Company benefits (discounts, insurance etc).
Private medical insurance

Good pension scheme

Apply through LinkedIn

Talk to James Dilks, the specialist consultant managing this position

Located in Leeds, 5th Floor, Broad Gate, 1 The HeadrowTelephone 0113 200 3750

Click here to access our Privacy Policy, which provides detailed information on how we use and protect your personal information, and your rights in relation to this.

JOBS YOU MIGHT LIKE

Security Architect
- Glasgow
- £
  Up to £89,000 plus public sector benefits
Cyber Workstream Lead – Security, Governance, Controls
- Edinburgh
- £
  Up to £615 pd (Inside IR35 - Umbrella)

RELATED COURSE

Build your career with the skills employers need.

Certified Ethical Hacker, Part 1 of 8: Intro to Ethical Hacking
151 minutes |
Course description
Hacking has gone from an obscure term to something that appears in the daily news. In this course we'll get started with what is hacking and understand some of the differences between "white hat" hackers and "black" or "grey" hat hackers. It will cover at a high level what are some of the essential tools a hacker needs to know about and be proficient with as well as the credentials of a hacker and what you can expect when becoming a Certified Ethical Hacker (CEH), an certification by the EC-Council.
Each LearnNowOnline training course is made up of Modules (typically an hour in length). Within each module there are Topics (typically 15-30 minutes each) and Subtopics (typically 2-5 minutes each). There is a Post Exam for each Module that must be passed with a score of 70% or higher to successfully and fully complete the course.

Prerequisites
To get the most out of this course, this course assumes that you have a good working knowledge of Linux and Windows based networking environments. It also assumes that you have experience with managing a network, have worked with networking hardware such as switches & routers, are familiar with MS Active Directory (AD) Domain based authentication, know how to work with command-line utilities, and understand the basics of Web Server environments. Many of the demonstrations in this course use the Windows 7 and Kali Linux operating systems which can be downloaded free from the respective sites. All of the demonstrations are created in a virtual environment using Oracle VirtualBox and VMware vSphere 6.

Meet the expert
Rafiq Wayani
Rafiq Wayani has extensive experience including more than 20 years in IT as Systems Architect, Software Engineer, DBA, and Project Manager. Wayani has instructed in a variety of technical areas, has designed and implemented network and information systems, and is certified across a wide range of platforms and systems including Microsoft Solutions Developer, Systems Engineer, Application Developer, Database Administrator, Trainer; Novell Netware Administrator and Engineer; Master Certified Netware Engineer; and A Certified.

Video Runtime
111 Minutes
Time to complete
151 Minutes

Course Outline
Intro to Ethical Hacking
Introduction (20:27)
- Introduction (00:16)
- Certified Ethical Hacking (00:56)
- Introduction (18:59)
- Summary (00:14)
Hacker Credentials (21:40)
- Introduction (00:18)
- Credentials (09:15)
- Demo: Wizard vs. Cmd Line (06:33)
- Demo: PowerShell (05:17)
- Summary (00:15)
Hacker Credentials Part 2 (07:14)
- Introduction (00:23)
- Credentials (00:21)
- OSI Model (03:52)
- Credentials Cont. (00:28)
- Demo: Linux (01:56)
- Summary (00:10)
Being a Hacker (06:01)
- Introduction (00:22)
- What Is It Like? (01:03)
- Demo: Understand the System (03:05)
- What Is It Like? Cont. (01:19)
- Summary (00:10)
Footprinting and Reconnaisance
Terminology (14:58)
- Introduction (00:21)
- Terminology (07:24)
- Terminology Cont. (06:57)
- Summary (00:14)
Tools (11:01)
- Introduction (00:27)
- Tools (02:53)
- Demo: Basic Windows Script (02:30)
- Demo: Basic Linux Script (02:38)
- Demo: Differences (02:15)
- Summary (00:15)
Footprinting (17:42)
- Introduction (00:17)
- Footprinting & Reconnaissance (05:36)
- Active & Passive Footprinting (04:55)
- Footprinting Sources (01:14)
- Demo: Google Hacking (01:38)
- Demo: Other Online Tools (02:34)
- Footprinting Sources Cont. (01:15)
- Summary (00:10)
Footprint Tools and CM (12:43)
- Introduction (00:15)
- Types of Information Gathered (06:36)
- Methods Available (02:13)
- Mitigate Footprinting (03:26)
- Summary (00:11)
Introduction to security in Microsoft 365
39 minutes | Beginner
Learn about the different Microsoft solutions for managing security in your organization. Microsoft 365 provides a holistic approach to security, helping you to protect identities, data, applications, and devices across on-premises, cloud, and mobile.

IT Risk, Information Security, Information Assurance, ISO27001, NIST, Technical Controls, Controls Testing

Apply for this job

JOBS YOU MIGHT LIKE

Security Architect

Cyber Workstream Lead – Security, Governance, Controls

RELATED COURSE

Build your career with the skills employers need.

Certified Ethical Hacker, Part 1 of 8: Intro to Ethical Hacking

Introduction to security in Microsoft 365