IS Analyst ( Risk)

Position: Information Security Analyst

The Information Security Analyst (Risk) is responsible for the coordination of Information Security risk management activities within our Global Office. You will work with teams from across the organisation, supporting them with the identification and assessment of departmental security risks, leading security assessments on our current and prospective third parties, supporting risk owners with the definition of risk mitigation and treatment strategies and ensuring they are actioned accordingly. You will provide visibility and assurance to the Risk and Compliance and wider organisational leadership on the status of organisational risks.

Key accountabilities

• Maintaining our Information Security risk register.
• Supporting operational teams with the identification and assessment of departmental security risks.
• Completing due diligence and risk assessments on third parties.
• Providing guidance on risk mitigation or remediation activities.
• Collaborating with teams across the organisation on the definition of responses to due diligence assessments.
• Producing KPIs for leadership to track assurance requests, their volumes, status and reporting on their delivery.
• Supporting with internal and external audit requirements (inc. ISO 27001 and SOC2).
• Communicating with all relevant stakeholders regarding information security compliance projects/topics and other general communications.

Qualifications and Experience

You meet the following requirements:

• A bachelor's degree in information security, information technology or a related field or relevant industry certifications such as CompTIA Security+ etc.
• A minimum of 3 years of working experience (in either information security governance, Information Security risk management, compliance or in a related information security role). It helps if you have worked within a large and complex organisational structure.
• Experience in both information systems governance, technical controls and their application.
• Experience engaging with third party suppliers.
• The ability to communicate fluently in English. Ability to speak a second language is a plus.
• Experience with GRC tools (such as ServiceNow).

As a person you have:

• Strong written and oral communication skills;
• The ability to establish and maintain relationships;
• The ability to be independent, decisive and a self-supporting team player;
• Strong analytical skills, broad interests and intrinsic curiosity.