The following job is no longer available:
Incident Response and Assurance Manager
Incident Response and Assurance Manager
Incident Response and Assurance Manager
Posted 13 days ago
- South East London
- Any
- External
- Expired - 3 months ago
Job Description
ABOUT JAGGAER:
JAGGAER is leading the Autonomous Commerce revolution, a self-governing B2B commerce experience between buyers, suppliers, things (IoT), and partners. Leveraging AI and machine learning, our intelligent procurement solutions provide enterprise buyers and suppliers with smart-match recommendations that align buyer needs with supplier capabilities.
Our solutions autonomously execute many repetitive, behind-the-scenes tasks to facilitate enterprise commerce. We are over 1,250 employees strong, all focused on customer success. For more information, visit www.jaggaer.com
WHAT WE ARE LOOKING FOR:
As part of our Cyber Security team, you will directly report to the Director, Cyber Architecture & Defense. This is a unique opportunity to expand your skills and influence a growing Cybersecurity Program and you must be able to obtain SC clearance if required. Main role is supporting the UKI & Nordics regions teams to evaluate controls, perform control testing to improve efficiency and effectiveness of the internal controls, monitor regulations for new or changed requirements, and coordinate with internal and external auditors to ensure compliance. You will facilitate control reviews to accommodate new business areas as well as changes in processes delivering a best-in-class capability to our stakeholders in respect of the technical, security and compliance.
ROLE RESPONSIBILITIES:
Act as primary security contact for UK clients
Be responsible for the investigation and resolution of security related events from various security appliances and toolsets
Develop security incident response plans & procedures including Security Incident Crisis / Emergency Management
Ensure integration of new security services within the monitoring and detection capability
Ensure information and security data is continuously collected, correlated and analysed to detect external and internal threats and vulnerabilities to our services
Optimise tools and processes that prepare the SOC to respond to security threats of the future
Oversee relationship with MDR vendor to deliver SOCaas service
Oversee internal CSIRT programme
Coordinate the post-incident review process, drive practical and impactful changes throughout the phases of the incident response lifecycle
Enhance security capabilities by building security tools, developing processes, and remediating tool output findings
Identify the need for, and implement, new security operating procedures and practices to meet operational requirements
Ensure policy, process, and procedure compliance, as well as process improvisation to achieve operational objectives
Develop and create reports for management updates and escalations
Contribute to the successful completion of internal and external audits
Provide leadership, guidance, and technical expertise to deliver a professional service
Develop, track, and report on key program performance metrics
Continuously monitor processes and drive improvements in efficiency and quality of our security programs
YOUR CURRENT SKILL SET WILL INCLUDE:
Must have detailed knowledge and experience with technology controls across a variety of Industry frameworks and how to assess controls supporting compliance for SOX, PCI, and Privacy
Developing dynamic approaches to the implementation of and technology compliance program utilizing a variety of testing methods, both manual and automated, to provide qualitative and quantitative results where applicable
Proven ability to independently gather test evidence and translate compliance findings into actions
Able to assess, identify, and document third party system compliance deficiencies and recommends solutions to include understanding SOC reports
Excellent communication skills to include but not limited to verbal and written communication; delivering organized presentations; able to tailor message to the audience; and facilitate group discussions with diplomacy and seek diverse opinions
Excellent analytical skills with experience in data analysis to support reporting and testing processes
Dedication and commitment to world class service and to exceeding customer expectations
Desire to keep current with technology and emerging technology compliance trends
Possess strong organization and time management skills
Demonstrated flexibility in a fast paced and agile environment.
EDUCATION AND/OR EXPERIENCE:
Bachelor's degree in Business/ Computer Science/Technology with IT audit or compliance experience
In depth knowledge of information security, Technology Compliance management industry frameworks and standards: NIST, OWASP, SANS, ISO-27001/2, SANS, and Cobit
3+ years working experience with enterprise technology compliance management programs, or Auditing experience, controls testing, conducting ITGC and PCI assessments and leading related project teams as a security subject matter expert in privacy, data security and control issues with technologies such as Cloud, SaaS, Linux, Windows, VMware, Intrusion Prevention
Previous working experience and knowledge of two or more security functions (IT Compliance Assessor, QSA, Security Specialist, IT Auditor)
Possession of one of the following industry certifications required : CISA, CRISC, CIA, CISM, PCI, CISSP
EEO:
JAGGAER is a proud equal opportunity/affirmative action employer supporting workforce diversity. We do not discriminate based upon race, ethnicity, ancestry, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), marital status, caregiver status, sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, genetic information, military or veteran status, mental or physical disability, or other applicable legally protected characteristics.
ACCESSIBILITY:
JAGGAER is committed to providing access and reasonable accommodation to applicants. If you are a qualified individual with a disability or a disabled veteran and you think you may require an accommodation for any part of the recruitment process, please send a request to: hruki&#####. All requests for accommodations are treated discreetly and confidentially, as practical and permitted by law.
ABOUT JAGGAER:
JAGGAER is leading the Autonomous Commerce revolution, a self-governing B2B commerce experience between buyers, suppliers, things (IoT), and partners. Leveraging AI and machine learning, our intelligent procurement solutions provide enterprise buyers and suppliers with smart-match recommendations that align buyer needs with supplier capabilities.
Our solutions autonomously execute many repetitive, behind-the-scenes tasks to facilitate enterprise commerce. We are over 1,250 employees strong, all focused on customer success. For more information, visit www.jaggaer.com
WHAT WE ARE LOOKING FOR:
As part of our Cyber Security team, you will directly report to the Director, Cyber Architecture & Defense. This is a unique opportunity to expand your skills and influence a growing Cybersecurity Program and you must be able to obtain SC clearance if required. Main role is supporting the UKI & Nordics regions teams to evaluate controls, perform control testing to improve efficiency and effectiveness of the internal controls, monitor regulations for new or changed requirements, and coordinate with internal and external auditors to ensure compliance. You will facilitate control reviews to accommodate new business areas as well as changes in processes delivering a best-in-class capability to our stakeholders in respect of the technical, security and compliance.
ROLE RESPONSIBILITIES:
Act as primary security contact for UK clients
Be responsible for the investigation and resolution of security related events from various security appliances and toolsets
Develop security incident response plans & procedures including Security Incident Crisis / Emergency Management
Ensure integration of new security services within the monitoring and detection capability
Ensure information and security data is continuously collected, correlated and analysed to detect external and internal threats and vulnerabilities to our services
Optimise tools and processes that prepare the SOC to respond to security threats of the future
Oversee relationship with MDR vendor to deliver SOCaas service
Oversee internal CSIRT programme
Coordinate the post-incident review process, drive practical and impactful changes throughout the phases of the incident response lifecycle
Enhance security capabilities by building security tools, developing processes, and remediating tool output findings
Identify the need for, and implement, new security operating procedures and practices to meet operational requirements
Ensure policy, process, and procedure compliance, as well as process improvisation to achieve operational objectives
Develop and create reports for management updates and escalations
Contribute to the successful completion of internal and external audits
Provide leadership, guidance, and technical expertise to deliver a professional service
Develop, track, and report on key program performance metrics
Continuously monitor processes and drive improvements in efficiency and quality of our security programs
YOUR CURRENT SKILL SET WILL INCLUDE:
Must have detailed knowledge and experience with technology controls across a variety of Industry frameworks and how to assess controls supporting compliance for SOX, PCI, and Privacy
Developing dynamic approaches to the implementation of and technology compliance program utilizing a variety of testing methods, both manual and automated, to provide qualitative and quantitative results where applicable
Proven ability to independently gather test evidence and translate compliance findings into actions
Able to assess, identify, and document third party system compliance deficiencies and recommends solutions to include understanding SOC reports
Excellent communication skills to include but not limited to verbal and written communication; delivering organized presentations; able to tailor message to the audience; and facilitate group discussions with diplomacy and seek diverse opinions
Excellent analytical skills with experience in data analysis to support reporting and testing processes
Dedication and commitment to world class service and to exceeding customer expectations
Desire to keep current with technology and emerging technology compliance trends
Possess strong organization and time management skills
Demonstrated flexibility in a fast paced and agile environment.
EDUCATION AND/OR EXPERIENCE:
Bachelor's degree in Business/ Computer Science/Technology with IT audit or compliance experience
In depth knowledge of information security, Technology Compliance management industry frameworks and standards: NIST, OWASP, SANS, ISO-27001/2, SANS, and Cobit
3+ years working experience with enterprise technology compliance management programs, or Auditing experience, controls testing, conducting ITGC and PCI assessments and leading related project teams as a security subject matter expert in privacy, data security and control issues with technologies such as Cloud, SaaS, Linux, Windows, VMware, Intrusion Prevention
Previous working experience and knowledge of two or more security functions (IT Compliance Assessor, QSA, Security Specialist, IT Auditor)
Possession of one of the following industry certifications required : CISA, CRISC, CIA, CISM, PCI, CISSP
EEO:
JAGGAER is a proud equal opportunity/affirmative action employer supporting workforce diversity. We do not discriminate based upon race, ethnicity, ancestry, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), marital status, caregiver status, sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, genetic information, military or veteran status, mental or physical disability, or other applicable legally protected characteristics.
ACCESSIBILITY:
JAGGAER is committed to providing access and reasonable accommodation to applicants. If you are a qualified individual with a disability or a disabled veteran and you think you may require an accommodation for any part of the recruitment process, please send a request to: hruki&#####. All requests for accommodations are treated discreetly and confidentially, as practical and permitted by law.
.webp "Apply4U | Sign Up")
.webp "Apply4U | Contact Us")
.webp "Apply4U | Sign up")
