Information Security Services- Senior Security Auditor - EMEIA Bangor LL57, UK
Headquartered in Canada with locations across the United States and around the globe with a footprint on six continents, Bulletproof, a GLI company has decades of technology, security, and compliance expertise. Bulletproof’s work in the security space has been recognized nationally and globally with Microsoft’s global Security Partner of the Yearin 2021 and five Microsoft Canada Impact Award wins from 2019 to present-day.
At Bulletproof, our vision is to serve, secure, and empower the world through people and technology; Global Impact - As a global team spanning continents, boundaries, and cultures, every day we are inspired by the impact our work has on our colleagues, our customers, our communities, and the world at large.
Diversity, Equity and Inclusion - We celebrate each other’s differences, continuously strive for equality and recognize that inclusion makes us stronger as individuals, a company and a global citizen.
Managing and delivering Information Security audit assignments.
Defining the scope for Information Security audit assignments.
Developing and quality assuring security audit reports.
Travelling to client’s and to other group’s office locations.
Teaming up with colleagues in other lines of services in support of client needs for Information Security Services.
Research best practices, developments, techniques and trends in information security and determines relevance to client organizations.
Provides clients with exceptional service in a professional, courteous and timely manner.
A good understanding of Linux, Windows, and network security skills.
Excellent written and oral communication skills in English.
Ability to meet deadlines and deliver a high-quality product (reports).
7 years minimum information security experience ideally in a fast paced, changing environment.
ISO27001 Lead Auditor, PCI QSA, ISACA CISM, SANS Certifications.
Deep understanding of key information security program development, tool implementation and information security concepts and frameworks.
In-depth experience designing and implementing information security solutions.
Understanding of information security frameworks such as ISO / IEC 27001 : 2022, COBIT, NIST CSF.
Support team technical development (e.g. through service development or research) and contribute to company technical processes overall.
Knowledge of AAA protocols and standards (Radius, TACACS, LDAP), SSO protocols (Kerberos, SAML, OpenID), access controls models (DAC, MAC, RBAC, ABAC) and related technologies required
Must have experience in implementing / assessing physical and environmental security controls (site perimeter, fire prevention, cooling, power, DRP, offsite back-up, redundant sites)
Knowledge of ERP solution (SAP, Oracle JDE, Microsoft Dynamics NAV), operating system (UNIX, Linux, Windows, etc.), database management systems (Oracle, SQL Server, Sybase, etc.) or network devices (router, switch, firewall, load balancer, intrusion detection and prevention system) is preferred
Hands-on experience in projects including ISO 27001 compliance (audit / implementation), internal control, business processes review, IT audit, IT general control, cloud computing, IT system implementation is highly preferred
Exposure to data analytics and proficiency in analytic software (ACL, Access, SQL Server, SPSS, SAS, R, Tableau, QlikView) is preferred
Must demonstrate sound report writing skills, presentation and communication skills
Fluency to a high degree in English is required, including written and oral skills.
Schedule : Normal hours are Monday through Friday, 40 hours per week.
All qualified applicants will receive consideration for employment without regard to race, colour, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.
#J-18808-Ljbffr