As an Information Security Compliance Engineer, you will be part of the Risk and Compliance Team and work closely with the Information Security Team. You will play a critical role in promoting, embedding and validating the effectiveness of the security controls specified by the Information Security Team as well as wider business and compliance controls.
- Promote and embed security controls in line with the firm's information security programme.
- Good understanding of major certifications and standards (ISO27k, SOC2).
- Develop methodologies to test and validate control effectiveness for security and non-security controls
- Undertake a programme of activities to, where possible, automate controls
- Familiar with ISO 27001-27002 and NIST 800-53 security controls requirements
- Familiar with Linux, Mac, and OSS software