Cyber Security Risk Analyst

Posted 28 September by Ardonagh
Easy Apply

Register and upload your CV to apply with just one click

Purpose & Key Responsibilities of the Role:

This role will provide support in the delivery of proactive 'security by design’ consultancy as a technical security SME by overseeing and/or supporting the business in identifying appropriate security solutions and ensuring alignment to security polices, standards and minimum controls (and where applicable, industry standards at a technical level i.e. CIS). The role holder will look to ensure that the business adheres with expected minimum requirements and operates within agreed risk appetites for information, data and cyber security in relation to the delivery of IT projects, supplier onboarding and ongoing assurance, and mergers and acquisitions.

The role holder will assist in proactively identifying, assessing, consulting on and addressing areas of security risk and potential business and customer impact, aligning processes and controls to the Information and Cyber Security framework and internal security management system, group risk and audit objectives, and overall business cyber security strategy; identifying and driving continual improvements to the security posture of the group and segments. The role holder will be expected to understand areas of concern and in conjunction with business stakeholders, provide advice and recommendations and support resolution or mitigation as required.

Job Description:

Essential criteria - must be clearly demonstrated on CV

  • Previous experience working in a specialist technical security role in a complex technical environment
  • Professional Security Qualification (for example, Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM), Certified Cloud Security Professional (CCSP), Certified in Risk and Information Systems Control (CRISC), CompTIA Security+
  • Information security, Data protection and Privacy, Information risk management, associated security standards and control frameworks e.g. ISO27001, NIST, Cyber essentials, CIS20, Cloud security etc.
  • Broad knowledge of current / up to date technologies in the cyber security field.
  • Incident management, investigations and response
  • Security Risk assessment methodologies
  • Minimum of 2+ years of technical security experience
  • Working in regulated environments such as financial services.
  • Experience of information security and data protection practice in financial services
  • Vocational Diploma or Honours Degree or recognised industry qualification in Cyber Security, Computer Science and/or Engineering preferable.
  • Experience of working within cyber security & information security teams within an international business of scale and complexity
  • Excellent knowledge of IT and information security policies and practices

Desirable (can be evidenced by industry experience without formal qualification)

  • ITIL
  • ISO27001
  • PCI-DSS

Please apply online

Reference: 40972946

Bank or payment details should never be provided when applying for a job. For information on how to stay safe in your job search, visit SAFERjobs.

Report this job