Security Governance and Risk Analyst - PART-TIME

Job Ref: 50200370
Sector: Cloud and Infrastructure
Job Type: Permanent
Date Added: 17 April 2019
  • London, England, UK London London GBR EC3A 4AF
  • £35,000 - £50,000 per Year
  • Sarah Sandhu
  • 0207 654 1409

Quick Apply

Submitting application, please wait..

Request a callback

Send To A Friend

Security Governance and Risk Analyst - PART-TIME

A global media group in Central London is looking to appoint a Security Governance and Risk Analyst to join them on a permanent basis.

The Security division are responsible for the scope and delivery of both cyber security and business continuity activities that cover all offices located across 145 countries globally.

The team are responsible for an extensive programme covering security governance frameworks and certifications, employee education & awareness, third party assurance and business continuity management.

Joining the expanding Security GRC team, you will have gained experience having supported a security governance and compliance program â€" ideally within a global organisation. The role will offer exposure to the wider Security team (including Cyber Operations and Architecture) in addition to the opportunity to develop and embed global security policies and standards, manage our security risks and support the delivery of our advanced reporting capability


Risk remediation to support the ISO27001 certification project

Support the security compliance process to ensure adherence to defined standards and policies

Coordinate information security risk assessments using the defined information security risk management process

Maintain the global security risk register

Report on the design and operation effectiveness of security controls

Development of security metrics via reporting dashboards for our global and regional executives

Perform internal audits measuring compliance with documented information security policies, standards and processes

Actively contribute to security initiatives to increase employee awareness

Maintain the information security improvement plan ensuring actions are completed by the agreed target dates

Assist in reviewing and redesigning internal processes and systems to ensure information confidentiality, integrity and availability

Define and maintain a record of compliance obligations mapping the evidence required to demonstrate alignment

Candidate Profile

Achieved or working towards an information security qualification (CISSP, CISM, CISA, CRISC) (desirable)

Strong working knowledge of ISO 27001

Experience of security compliance initiatives within an enterprise technology environment such as NIST CSF, CSA, PCI DSS, Cyber Essentials

Knowledge of all domains within security covering people, process and technology

Understanding of security risk analysis techniques

Understanding of network architecture, protocols and principles (desirable)

Working knowledge of global data protection legislation

Ability to explain technical complex concepts to non-technical audiences combined with excellent communication and organisational skills

Experienced with IT assurance functions and auditing techniques (desirable)

Technical experience in using Microsoft PowerBi, ServiceNow and other GRC and security platforms (advantageous)

Proactive development of trending knowledge and skills within information security community

We are an equal opportunities employer and welcome applications from all suitably qualified persons regardless of their race, sex, disability, religion/belief, sexual orientation, gender reassignment, marriage and civil partnerships, pregnancy or maternity or age.

17/05/2019 14:08:15
GBP 35000 35000