Security Assurance Specialist

Support the delivery of projects for ISG and the broader GTO function.

Act as a technical SME regarding SOC 2 assessments and security control framework.

Support Federated Hermes’s SOC 2 assessment, working with internal stakeholders to evidence security controls in operation.

Work with stakeholders across GTO to review and update Federated Hermes’s security controls framework in line with recent changes to NIST and CIS controls.

Co-ordinate stakeholders across GTO to disseminate assessment findings and coordinate remediation.

Work closely with project managers on outlining key tasks, refining delivery plans.

Requirements

Experience working internally to deliver a SOC 2 certification, working with internal stakeholders to evidence controls and interfacing with external auditor.

Experience working with virtual server and desktop environments such as VMware and Citrix.

Familiarity with security frameworks such as NIST800, CIS, ISO27001.

Industry recognized technical certifications are desirable (CISSP, CCSP, CompTIA Security+, GIAC security essentials).

Familiarity with security and privacy regulations impacting financial services such as SOX and GDPR.

Excellent written and verbal communications skills.