Security Governance & Risk Analyst
Opportunity description
This vacancy has now expired.
Stanton House have partnered with a global, market-leading Digital Marketing and Advertising Agency, who are in the process of further growing their Information & Cyber Security function and are recruiting a Security Governance & Risk Analyst, who will be based out of their London office.
This is a full-time permanent role, with an attractive salary and benefits package for the right person.
This is a £5bn turnover company, who have over 50,000 employees, operate in over 145 countries worldwide, and boast a diverse, and exciting portfolio of clients. This business crafts powerful strategic ideas that ground brands in platforms, to create impact & sustain connections.
Role Overview:
The Security function are responsible for the scope and delivery of both cyber security and business continuity activities that cover every one of our offices located across 150 countries globally. Led by the Head of Security GRC, our Governance, Risk and Compliance team are responsible for an extensive programme covering security governance frameworks and certifications, employee education & awareness, third party assurance and business continuity management.
Joining our expanding and ambitious Security GRC team, you will be reporting directly to the Governance & Risk Manager within our newly formed Security Governance & Risk team. The successful candidate will have gained at least two years' experience supporting a security governance and compliance programme, ideally within a global organisation. The role will offer exposure to the wider Security team (including Cyber Operations and Architecture) in addition to the opportunity to develop and embed global security policies and standards, manage our security risks and support the delivery of our advanced reporting capability.
Role responsibilities:
- Risk remediation to support ISO27001 certification project
- Support the security compliance process to ensure adherence to defined standards and policies
- Coordinate information security risk assessments using the defined information security risk management process
- Maintain the global security risk register
- Report on the design and operation effectiveness of security controls
- Development of security metrics via reporting dashboards for our global and regional executives
- Perform internal audits measuring compliance with documented information security policies, standards and processes
- Actively contribute to security initiatives to increase employee awareness
- Maintain the information security improvement plan ensuring actions are completed by the agreed target dates
- Assist in reviewing and redesigning internal processes and systems to ensure information confidentiality, integrity and availability
- Define and maintain a record of compliance obligations mapping the evidence required to demonstrate alignment.
Candidate Profile
- Achieved or working towards an information security qualification (CISSP, CISM, CISA, CRISC) (desirable)
- Strong working knowledge of ISO 27001
- Experience of security compliance initiatives within an enterprise technology environment such as NIST CSF, CSA, PCI DSS, Cyber Essentials
- Knowledge of all domains within security covering people, process and technology
- Understanding of security risk analysis techniques
- Working knowledge of global data protection legislation
- Ability to explain complex technical concepts to non-technical audiences combined with excellent communication and organisational skills
- Experienced with IT assurance functions and auditing techniques (desirable)
- Is demonstrably self-motivated, proactive and action-orientated in meeting deadlines
- Interest in their own personal development within security governance
- Proactive development of trending knowledge and skills within the information security community