Security Governance and Risk Analyst - PART-TIME
A global media group in Central London is looking to appoint a Security Governance and Risk Analyst to join them on a permanent basis.
The Security division are responsible for the scope and delivery of both cyber security and business continuity activities that cover all offices located across 145 countries globally.
The team are responsible for an extensive programme covering security governance frameworks and certifications, employee education & awareness, third party assurance and business continuity management.
Joining the expanding Security GRC team, you will have experience supporting a security governance and compliance program, ideally within a global organisation. The role will offer exposure to the wider Security team (including Cyber Operations and Architecture) in addition to the opportunity to develop and embed global security policies and standards, manage our security risks and support the delivery of our advanced reporting capability.
Risk remediation to support the ISO27001 certification project
Support the security compliance process to ensure adherence to defined standards and policies
Coordinate information security risk assessments using the defined information security risk management process
Maintain the global security risk register
Report on the design and operation effectiveness of security controls
Development of security metrics via reporting dashboards for our global and regional executives
Perform internal audits measuring compliance with documented information security policies, standards and processes
Actively contribute to security initiatives to increase employee awareness
Maintain the information security improvement plan ensuring actions are completed by the agreed target dates
Assist in reviewing and redesigning internal processes and systems to ensure information confidentiality, integrity and availability
Define and maintain a record of compliance obligations mapping the evidence required to demonstrate alignment
Achieved or working towards an information security qualification (CISSP, CISM, CISA, CRISC) (desirable)
Strong working knowledge of ISO 27001
Experience of security compliance initiatives within an enterprise technology environment such as NIST CSF, CSA, PCI DSS, Cyber Essentials
Knowledge of all domains within security covering people, process and technology
Understanding of security risk analysis techniques
Understanding of network architecture, protocols and principles (desirable)
Working knowledge of global data protection legislation
Ability to explain complex technical concepts to non-technical audiences, combined with excellent communication and organisational skills
Experienced with IT assurance functions and auditing techniques (desirable)
Technical experience in using Microsoft Power BI, ServiceNow and other GRC and security platforms (advantageous)
Proactive development of trending knowledge and skills within the information security community
We are an equal opportunities employer and welcome applications from all suitably qualified persons regardless of their race, sex, disability, religion/belief, sexual orientation, gender reassignment, marriage and civil partnerships, pregnancy or maternity or age.