Offres cyber security training à EdinburghCreate job alerts

Heat UK is a forward-thinking organization committed to innovation resilience and trust. As we continue to grow and evolve in a digital-first world we are seeking a strategic and business-savvy Business Information Security Officer (BISO) to bridge the gap between cybersecurity and business operations. The BISO is expected to be adaptable and have the ability to implement the integration of cybersecurity into our IT and operational technology (OT) ecosystems. As the BISO you will serve as the primary liaison between the BA Customers & Solutions Security & Resilience team and business units ensuring that information and cybersecurity strategies align with business goals. You will be responsible for embedding security into business processes managing risk and driving a culture of security awareness across the organization. The BISO will report directly to the Head of Business Excellence with additional reporting to the Director of Asset Management on the OT topics. Main tasks • Act as the trusted information and cybersecurity advisor to management and stakeholders, • Establishing developing and implementing the Security Management System in the BU Heat UK through translation of technical security requirements into business-aligned strategies., • Identify assess and mitigate information security risks within Heat UK, • Work as part of the BA Customers & Solutions Security & Resilience team to implement policies standards and controls., • Lead security risk assessments audits and compliance initiatives and promote security awareness and training programs tailored to business needs., • Support business continuity planning and incident response including participation in on-call duty in connection with security incidents, • Monitor and report on key security metrics and risk indicators., • Identify register and assess cyber risks across business processes applications and industrial systems and translate security policies into actionable controls for IT/OT environments., • Drive cybersecurity awareness and training tailored to business and OT users., • Ensure compliance with industry regulations (e.g. ISO/IEC 62443 GDPR etc). Qualifications : • Experience in the above topics preferably in information security management systems and service level agreements with exposure to both IT and OT environments., • A proactive work attitude. Able to take responsibility and to keep focus on your goals, • Knowledge on how to cooperate with others to prioritize and to work under pressure., • A critical attitude when necessary and will talk to others about their professional responsibility., • Very good communication and negotiation skills also on a management level., • Completed university studies preferably in the fields of computer science engineering or business informatics., • Strong understanding of industrial control systems (ICS) SCADA and business IT systems., • Familiarity with cybersecurity frameworks (e.g. NIST CSF ISO 27001 IEC 62443)., • Relevant certificates for proof of competence are an advantage: CISSP GICSO CRISC CISM CISA ISO 27001 Lead Auditor/Implementer, • Good knowledge of the ISO 27000 series of standards, • Very good abstraction skills and pronounced skills in logical-analytical and informatic thinking, • Very good command of spoken and written English, • Willingness to travel primarily within Europe Additional Information : Our offer Good remuneration a challenging and international work environment and the possibility to work with some of the best in the field. You will be working in interdisciplinary teams and you can always count on support from committed colleagues. We offer attractive employment conditions and opportunities for personal and professional development. More Information We welcome your application in English no later than 24/08/2025. We kindly request that you do not send applications by any means other than via our website as we cannot guarantee that we will be able to process applications that are not made via our website. For more information about the recruitment process you are welcome to contact our recruiter Adam Hammond via Commitment to Diversity Vattenfall is committed to promoting a diverse and inclusive community - a place where we can all be ourselves and succeed on merit. We offer a range of family friendly inclusive employment policies flexible working arrangements staff engagement forums and services to support all our employees. We are convinced that diversity contributes to build a more profitable and attractive company and we strive to be good role model regarding diversity. Vattenfall works actively for all employees to have the same opportunities and rights regardless of gender ethnicity age transgender identity or expression religion or other belief disability or sexual orientation. We look forward to receiving your application! Remote Work : No Employment Type : Full-time Key Skills SQL,Data Collection,GCP,Master Data Management,R,Data Management,Clinical Trials,User Acceptance Testing,Data Warehouse,SAS,Oracle,Data Analysis Skills Experience: years Vacancy: 1

Line of Service Assurance Industry/Sector Not Applicable Specialism Risk Management Level Manager Job Description & Summary About the role Our Financial Services Technology Risk and Resilience team helps FS firms navigate a fast-moving regulatory landscape while helping them to manage robust future-proof technology estates. From shaping digital resilience frameworks under the Digital Operational Resilience Act (DORA) to helping firms enhance their technology risk maturity as they respond to demands from different stakeholders we combine deep sector insight with leading technology to solve problems alongside our clients. Key Responsibilities Working with the engagement leader and broader engagement team you will support the engagement leader with and at times take responsibility for various areas of the engagement which may include: * Managing the progress and planning of the engagement from contracting to conclusion. * Supporting assessments of clients operations to determine opportunities for improvement. * Supporting the delivery of engagements in alignment with client objectives and expectations. * Working with other team members (PwC and client) to develop and implement new ways of working that meet client objectives and expectations. * Writing reports for clients regulators and other internal and external stakeholders. * Supporting business development activities such as preparing responses to tenders creating proposal documents and supporting in the creation of market facing thought leadership. * Conducting market research to support the development of new client relationships and opportunities. * Ownership of your personal development to ensure you are equipped with the skills relevant to the proposition now and in the future. * Coaching junior members of the team providing support training and feedback. * Engaging with the firms digital agenda and tools to help us deliver innovative solutions with a particular focus on building and leveraging AI assets. * Leading and supporting activities that contribute to the engagement of the broader team beyond specific client engagements. Essential Skills * Demonstrable track record in technology risk digital resilience IT audit or cyber-resilience within financial services (in-house or consulting). * Deep understanding of UK/EU regulatory drivers (e.g. FCA/PRA Operational Resilience Policy DORA SYSC 8 PS 21/3 CP4/24) and relevant industry frameworks (COBIT ITIL ISO 27001/22301 NIST CSF). * Hands-on experience leading multi-workstream projects producing C-suite deliverables and managing budgets. * Strong analytical skills with the ability to translate complex technical issues into clear business-focused recommendations. * Excellent written and verbal communication skills; comfortable presenting to ExCo / Audit & Risk Committee level. * Possession of strong team working and leadership skills including the ability to work as a team and under your own initiative. * A willingness to learn new skills and help develop and innovate new client propositions. * Ability to communicate clearly with colleagues and clients at all levels. * Demonstrable experience of using AI in current role. * Eligibility to work in the UK; willingness to travel to client sites. Preferred Skills * Professional certifications: CRISC CISA CISM CISSP CBCI ISO 22301 Lead Implementer/Auditor PRINCE2/AgilePM. * Experience with cloud-service-provider assurance (e.g. AWS Well-Architected reviews Azure CAF SOC 2). * Knowledge of emerging technologies (AI/ML quantum computing) and their risk implications. * Prior involvement in regulatory remediation (e.g. s166 Skilled Person reviews). * Technical financial services knowledge including an understanding of the Insurance Asset Management and Banking industries. * Commercial acumen and an interest in how complex organisations operate. Education (if blank degree and/or field of study not specified) Degrees/Field of Study required: Degrees/Field of Study preferred: Certifications (if blank certifications not specified) Required Skills Optional Skills Accepting Feedback Accepting Feedback Active Listening Analytical Thinking Business Decisions Business Performance Management C-Level Presentations Coaching and Feedback Communication Compliance Frameworks Compliance Policies Compliance Program Implementation Compliance Review Controls Testing Corporate Governance Creativity Embracing Change Emotional Regulation Empathy External Audit Finance Target Operating Model Finance Transformation Financial Reporting Fraud Detection Fraud Prevention 22 more Desired Languages (If blank desired languages not specified) Travel Requirements Not Specified Available for Work Visa Sponsorship Yes Government Clearance Required No Job Posting End Date Required Experience: Manager Key Skills Arm,Risk Management,Financial Services,Cybersecurity,COSO,PCI,Root cause Analysis,COBIT,NIST Standards,SOX,Information Security,RMF Employment Type : Full-Time Experience: years Vacancy: 1

Job Title: Cyber Incident Response Analyst Contract Type: Full time Permanent Location: Edinburgh / Glasgow / Alderley Park / London Working style: Hybrid 50% home/office based Closing date: 20th August 2025 This role will assure the response to a cybersecurity event or incident taking the lead to contain the threat to the Royal London business and support the remediation activities to stabilise service. The role will co-ordinate the activities between Defence Threat Intelligence SOC and Engineering and be the point of contact for IT Security within the Royal London Group incident management team purpose is to minimise and control the damage resulting from cybersecurity incidents ensuring that the appropriate incident management and response controls are in place and operating as required in order to enable the identification protection detection response and recovery of RLG information assets. It outlines how the role contributes to our purpose: * Helping build financial resilience * Moving fairly to a sustainable world * Strengthening the mutual choice for customers About the role * Creation and maintenance of RLG incident response plan and procedure * Undertake Confidential and sensitive colleague investigations * Develop and mature the Incident Response policy process and procedures * Provide root cause analysis create metrics to create reports and analytics to improve future incident response * Collect supporting information and/or relevant artifacts in support of incident response activities * Identify and execute projects that improve our intrusion detection and incident response capabilities * Conduct technical analysis on impacted systems to determine impact scope and recovery from active and potential cyber incidents * Leverage tools from RLG cybersecurity software to identify and remediate threats * Executes the Incident Response Lifecycle and coordinates remediation activities throughout the organization and its lines of business as a part of Cyber Incident Response handling * Recommends solutions to optimize both technical and process/procedure aspects of the end-to-end incident lifecycle * Presenting Incident improvements and features to senior management * Provides training and mentoring of team members About you * Minimum of 2 years in an incident response or Forensic role * Understand threat analysis / threat modelling * Experience with endpoints/EDR in an MDR * Experience of managing complex and challenging Cyber Security or Service Incidents * Ability to identify patterns anomalies and issues that span multiple vectors * Understanding of common cybersecurity threats and terminology including but not limited to phishing malware and data compliance * Ability to create structured reports on cybersecurity incidents * Proficient project management organization and communication skills * Self-motivated innovative and willingness to learn * Forensic investigation knowledge * MSP/MSSP/MDR experience preferred About Royal London Were the UKs largest mutual life pensions and investment company offering protection long-term savings and asset management products and services. Our ___ Our Job Title: Cyber Incident Response Analyst Contract Type: Full time Permanent Location: Edinburgh / Glasgow / Alderley Park / London Working style: Hybrid 50% home/office based Closing date: 20th August 2025 This role will assure the response to a cybersecurity event or incident taking the lead to contain the threat to the Royal London business and support the remediation activities to stabilise service. The role will co-ordinate the activities between Defence Threat Intelligence SOC and Engineering and be the point of contact for IT Security within the Royal London Group incident management team purpose is to minimise and control the damage resulting from cybersecurity incidents ensuring that the appropriate incident management and response controls are in place and operating as required in order to enable the identification protection detection response and recovery of RLG information assets. It outlines how the role contributes to our purpose: * Helping build financial resilience * Moving fairly to a sustainable world * Strengthening the mutual choice for customers About the role * Creation and maintenance of RLG incident response plan and procedure * Undertake Confidential and sensitive colleague investigations * Develop and mature the Incident Response policy process and procedures * Provide root cause analysis create metrics to create reports and analytics to improve future incident response * Collect supporting information and/or relevant artifacts in support of incident response activities * Identify and execute projects that improve our intrusion detection and incident response capabilities * Conduct technical analysis on impacted systems to determine impact scope and recovery from active and potential cyber incidents * Leverage tools from RLG cybersecurity software to identify and remediate threats * Executes the Incident Response Lifecycle and coordinates remediation activities throughout the organization and its lines of business as a part of Cyber Incident Response handling * Recommends solutions to optimize both technical and process/procedure aspects of the end-to-end incident lifecycle * Presenting Incident improvements and features to senior management * Provides training and mentoring of team members About you * Minimum of 2 years in an incident response or Forensic role * Understand threat analysis / threat modelling * Experience with endpoints/EDR in an MDR * Experience of managing complex and challenging Cyber Security or Service Incidents * Ability to identify patterns anomalies and issues that span multiple vectors * Understanding of common cybersecurity threats and terminology including but not limited to phishing malware and data compliance * Ability to create structured reports on cybersecurity incidents * Proficient project management organization and communication skills * Self-motivated innovative and willingness to learn * Forensic investigation knowledge * MSP/MSSP/MDR experience preferred About Royal London Were the UKs largest mutual life pensions and investment company offering protection long-term savings and asset management products and services. Our