At Quorum Cyber we help good people win. Founded in Edinburgh in 2016, our expert team of security analysts, incident responders, forensic specialists, and threat hunters leverage the best Microsoft security technologies to defend organisations worldwide against cyber security breaches and attacks. As a Microsoft-only house we provide a unified security ecosystem, offering a collection of simple, innovative Professional and Managed Security Services, delivered through our own platform Clarity. Our key Managed Security Services include: - Azure Sentinel Security Operations Centre (SOC) and Managed Detection and Response (MDR) - Managed Microsoft Defender - CREST Vulnerability Management - Phishing Protection & Simulation Our Professional Security Services provide a wide range of advisory, risk assessment and compliance solutions, with the aim to help our clients manage exposure to cyber risk over time, increase resilience to business disruption, and achieve measurable returns on investment. We take the weight and pressure of managing security posture, internal IT security skillset and challenges faced with the increase in sophisticated cyber threats.

Our commitment to quality can be evidenced by the growing collection of certifications and accreditations we’ve secured over the years, including Microsoft Gold Partner status, Microsoft Intelligent Security Association (MISA) and CREST Accreditation: Vulnerability Assessments, Penetration Testing and Cyber Security Incident Response. We are proud winners of the Scottish Cyber Awards and Digital Technology Awards for our innovate, in-house built services

What i do is:

• Assist in Maintaining the content in the Quorum Cyber QCMS – our ISMS and QM platform
• Maintain the Quality and Security Control measures that Quorum Cyber uses to maintain and improve the quality of the services we deliver to our customers
• Answer questions from Quorum Cyber teammates about our quality and security controls and measures.
• Gather evidence throughout the year to support our audit cycle.
• Assist in the review, update and validation of our Policies, Procedures and Documentation
• Reviewing documents to ensure currency
• Updating documents to reflect changes in policy etc.
• Continually Improve my own skills and capabilities
• Develop new skills and areas of expertise, working towards a formal Audit qualification
• Work to Improve my professional standing and public presence through participation in trade bodies and contributions to marketing and outreach activities

Where I Fit:

I am part of the Governance, Information Technology and Security team, and report to the Head of Information, Technology and Security.

Our team works alongside other parts of the business to carry out audits, compliance improvements etc.

Our team exists to make Quorum Cyber better at what we do, and to make it easier for the other teams to deliver great services in safety, knowing that all relevant laws and rules are being followed.

One of Quorum Cyber’s core concepts is “Do the Right Thing”. Our team answers the questions “How do we KNOW, and how do we SHOW that we did the Right Thing?”

The skills and attributes i need are:

• Technical Writing Ability
• Forensic Mindset
• Technical Curiosity
• Focused on Detail
• Great Communication Skills
• Pragmatism
• Time Management, both day to day and Annual Calendar
• Great team player

I know i have done a great job if:

• Our documents are up to date, and an accurate record of their reviews and updates is available on demand for auditors, internal and external.
• The number of non-conformance issues being tracked by the compliance team over time is managed and trends downward.
• I have worked closely with my colleagues to improve our systems and processes
• I have maintained great quality documentation that provide auditable records of what was done, when and why.
• I have raised my profile inside and outside of Quorum Cyber