Security Governance & Compliance
- Assist in the implementation and maintenance of security frameworks (ISO 27001, PCI DSS, ISO 42001, Cyber Essentials).
- Support compliance assessments, audits, user access reviews, and internal security reviews.
- Maintain security policies, standards, and procedures, ensuring they align with industry best practices and regulatory requirements.
- Collaborate with internal stakeholders to ensure security governance requirements are met.
- Track and manage security compliance metrics and reporting.
- Leverage AI-driven tools and automation to enhance security governance and compliance processes.
Risk Management
- Support risk assessments to identify, assess, and mitigate security risks.
- Maintain and update the risk register, ensuring risks are tracked and assigned appropriate treatment plans.
- Assist in third-party risk assessments, evaluating vendors' security postures.
- Work with security teams to implement risk mitigation strategies and track remediation efforts.
- Utilize AI and automation to enhance risk assessment and monitoring capabilities.
Security Awareness & Training
- Support the development and delivery of security awareness programs to promote a security-first culture.
- Assist in security training initiatives for employees and key stakeholders.
- Monitor and report on the effectiveness of security awareness programs.
Audit & Assurance
- Complete security questionnaires, RFPs and security responses to provide customers assurance in Prezzee products and services.
- Assist in preparing for internal and external security audits, ensuring evidence collection and documentation are up to date.
- Support remediation efforts following audit findings, tracking corrective actions.
- Contribute to continuous improvement initiatives to enhance security controls and compliance measures.
- Implement AI-driven analytics to streamline audit preparation and compliance monitoring.