Technology Policy Analyst

Posted 15 October by NDK Consulting Ltd
Easy Apply

Technology Policy Governance Analyst, Financial Services, Data, London

Experienced in writing policy, requirements, controls and tooling to uphold compliance across technology? Business facing skills and foster the "enabler" approach? We could have the role for you…

NDK InfoSec are working closely with the Governance, Risk and Compliance team at a rapidly growing, global financial services and data organisation to recruit a new Technology Policy Governance Analyst. This is a brand-new role so yours to own, mould and develop.

Your role will be key to the business as you will have direct responsibility to support the Technology Policy Governance Manager in writing technology policies and controls (e.g. ISO 27001, NIST, SOX etc.), ensuring polcies and controls are implemented, measured and effective - on a global scale. We’re looking for someone who has written technology and/ or information security policy governance and policy control previously. Financial Services experience not required.

Key responsibilities:

  • Working in a new team to drive the development of technology and information security policies (e.g. ISO 27001, NIST etc.).
  • Responsible for ensuring that all technology policies and controls (e.g. ISO 27001, NIST, SOX etc.) are implemented, measured and effective.
  • Work very closely with technology architecture to ensure new and existing policies are operating effectively.
  • You will be responsible for implementing new technology policies and standards through complete lifecycle.
  • You will be responsible for constantly ensuring the effectiveness of policies and making remediations where necessary.
  • You will be key to the business and risk functions, for role to operate effectively you’ll need to consider yourself a business "enabler".

Key requirements:

  • Experience working within technology governance or information security governance.
  • Experience writing and implementing policies (e.g. ISO 27001, NIST, SOX etc.).
  • Experience in the management for existing technology policies and frameworks such as ISO 27001 or NIST.
  • ISO 27001 and/ or NIST experience would be highly advantageous.
  • Experience with GRC tooling would be highly beneficial.
  • The organisation is going through a large transition to ISO 27001 aligned policies so experience moving through this transition would be highly beneficial.

Required skills

  • Compliance
  • GRC
  • Policy
  • Information Security
  • ISO 27001

Reference: 39144166

Bank or payment details should never be provided when applying for a job. For information on how to stay safe in your job search, visit SAFERjobs.

Report this job