Information Security Risk Analyst
An insurance leader who operates in 54 countries has started the search for a new Information Security Risk Analyst to join the business.
You will have the opportunity to be part of multiple high profile information security workstreams with a strong emphasis on risk management, policy governance and security reporting.
As the Information Risk Security Analyst, you will support senior members of the EMEA InfoSec team.
- Responsible for maintaining up-to-date centralised view of cyber security risks.
- Co-ordination of prioritisation and results of control tests performed by the Control Assurance function.
- Operational oversight of the external resources performing Application and Third Party assessments to ensure performance to SLA's.
- Reviewing information security policies, standards, guidelines and baselines in place and being developed.
- Providing support to ongoing risk assessment programmes.
- Maintenance and management of the Risk Register and co-ordination with the Enterprise Risk Management strategy and approach.
- Assist with internal security reporting, including steering committees and updates for senior management.
- Oversight and management of ongoing internal information security projects.
Experience and qualifications:
- Five + years of information security experience with a focus in control assessment/design, governance, risk management, program development, compliance, and/or auditing
- Knowledge of both the business and technical aspects of information security
- Strong broad-based technical background (distributed/mainframe, database, web-based application development, etc.)
- Experience interpreting and applying information security standards and frameworks (e.g., ISO/IEC 27001/27002, PCI-DSS, NIST Cybersecurity Framework, etc.) or attestation reports (e.g., SOC 1/2)
- Proficient use of personal computers and Microsoft Office Suite
- Bachelor's degree or equivalent work experience
- Certification such as CISM, CISA, CRISC, CCSP, CISSP or CIPP is a plus
10% pension, 15% bonus, flexible working, 25 days holiday, health and life insurance
We are only able to respond to successful applicants. Required IT operate as an employment agency and employment business and are an equal opportunities employer.