Technical Control Monitoring Analyst

Ideas | People | Trust

We’re BDO. An accountancy and business advisory firm, providing the advice and solutions entrepreneurial organisations need to navigate today’s changing world.

We work with the companies that are Britain’s economic engine – ambitious, entrepreneurially-spirited and high‑growth businesses that fuel the economy - and directly advise the owners and management teams that lead them.

We’ll broaden your horizons

The Quality and Risk Management Team (QRM) provides leadership, guidance, and tools to help partners and staff manage quality and risk matters. The team is comprised of an Advisory and Compliance Team, a Chief Information Security Office Team, an Economic Crime Team, a Legal Team, the Independence and Ethics Team and the Regulatory Supervisory Team, plus the Quality Monitoring Team. The team works closely with the firm’s Technical Standards Group and the firm’s leadership.

We’ll help you succeed

Leading organisations trust us because of the quality of our advice. That quality grows from a thorough understanding of their business, and that understanding comes from working closely with them and building long-lasting relationships.

You’ll be someone who is both comfortable working proactively and managing your own tasks, as well as confident collaborating with others and communicating regularly with senior managers, directors, and BDO’s partners to help businesses effectively. You’ll be encouraged to identify and draw attention to opportunities for enhancing our delivery and providing additional services to organisations we work with.

Overview:

The Technical Control Monitoring Analyst role reports to the Cyber Assurance Manager and operates as a 2nd line of defense. The purpose is to use data analytics and metrics to provide insights into the Firm’s security posture leveraging data from various sources.

Key areas of responsibility:

• Design and Implementation: Develop and implement continuous controls monitoring (CCM) strategies and solutions to measure and report on the effectiveness of cybersecurity controls.
• Data Analysis: Analyze data from various sources to identify trends, anomalies, and areas for improvement in security controls.
• Performance Metrics: Establish and track Key Performance Indicators (KPIs) and Key Risk Indicators (KRIs) to measure the performance and coverage of security controls.
• Compliance Monitoring: Ensure compliance with internal security policies and external regulations, including frameworks like ISO/IEC 27001, CE+, CIS.
• Reporting: Generate comprehensive reports and dashboards to provide real-time visibility into the effectiveness of security controls.
• Collaboration: Work closely with IT, security, and compliance teams to address identified issues and enhance security posture.
• Continuous Improvement: Identify opportunities for continuous improvement in CCM processes and technologies.
• Internal Audit Integration: Collaborate with internal audit teams to align CCM activities with audit objectives and standards set by the Institute of Internal Auditors (IIA).

Qualifications:

• Education: Bachelor’s degree in computer science, Information Security, or a related field. Advanced degree preferred.
• Certifications: Relevant certifications such as CISSP, CISM, CISA, or equivalent are highly desirable.
• Experience: Demonstrable experience in cybersecurity, with a focus on continuous monitoring and compliance.
• Familiarity with IIA standards and practices is a plus.

Skills:

• Strong understanding of cybersecurity frameworks and standards.
• Proficiency in data analytics and visualization tools.
• Excellent problem-solving and analytical skills.
• Effective communication and collaboration abilities.
• Strong knowledge of modern Microsoft cloud and Desktop environments.

Behaviours and attitude:

• Excellent communication and organisational skills.
• Has the confidence to challenge the status quo when developing ideas and suggestions.
• Demonstrates personal commitment to change and continual improvement.
• Demonstrated ability to independently prioritise and manage competing work assignments in a time-sensitive environment.
• Shows a passion for Information Security and enthusiasm for quality and governance.
• Understands the importance of teamwork and shared motivation for the same goal.
• Encourages and facilitates cooperation and results, fostering an environment of collaboration.
• Builds both formal and informal professional networks.
• Embodies the BDO values.

You’ll be able to be yourself; we’ll recognise and value you for who you are and celebrate and reward your contributions to our business. We’re committed to agile working, and we offer everyone the opportunity to work in ways that suit them, their teams, and the task at hand.

At BDO, we’ll help you achieve your personal goals and career ambitions, and we have programmes, resources, and frameworks that provide clarity and structure around career development.

We’re in it together

Mutual support and respect is one of BDO’s core values and we’re proud of our distinctive, people-centred culture. From informal success conversations to formal mentoring and coaching, we’ll support you at every stage in your career, whatever your personal and professional needs. Our agile working framework helps us stay connected, bringing teams together where and when it counts so they can share ideas and help one another. At BDO, you’ll always have access to the people and resources you need to do your best work.

We know that collaboration is the key to creating value and satisfying experiences at work, so we’ve invested in state-of-the-art collaboration spaces in our offices. BDO’s people represent a wealth of knowledge and expertise, and we’ll encourage you to build your network, work alongside others, and share your skills and experiences. With a range of multidisciplinary events and dedicated resources, you’ll never stop learning at BDO.

We’re looking forward to the future

At BDO, we help entrepreneurial businesses to succeed, fuelling the UK economy. Our success is powered by our people, which is why we’re always finding new ways to invest in you. Across the UK thousands of unique minds continue to come together to help companies we work with to achieve their ambitions.

We’ve got a clear purpose, and we’re confident in our future, because we’re adapting and evolving to build on our strengths, ensuring we continue to find the right combination of global reach, integrity and expertise. We shape the future together with openness and clarity, because we believe in empowering people to think creatively about how we can do things better.