Jobs

Security Analyst


Job details
  • HAYS
  • Cambridge
  • 6 days ago

Job for GRC Analyst

Job Overview:The Our Client Technology and Cyber Security Risk Analyst will be working closely with Our Client business stakeholders, customers, and suppliers to identify and understand risk so it can be effectively managed through ServiceNow’s IRM module. You will have previous experience in transforming a GRC department and be able to directly transform current services as well as support business as usual activity. This is a global role with responsibility for responding to information security needs across the entire Our Client corporation.An ideal candidate will have a demonstrated ability to drive security risk change, compliance, and business outcomes, can present security practices to business stakeholders, customers and suppliers, is detail oriented and able to operate effectively under pressure.Responsibilities:· Support internal and external stakeholders on matters of risk assessments and framework requirements (working knowledge of NIST CSF, 800-53). Ensuring security and compliance requirements are understood by those stakeholders· Driving transformational change to the Technology and Security Risk program as it evolves to meet changing organizational and regulatory needs. · Help build and maintain an effective third party risk assessment program· Perform supplier risk assessments, contract reviews, respond to customer security questionnaires and establish that Our Client security and compliance requirements are understood.· Develops tactical and trusted relationships within business stakeholders, partners and vendors. Awareness of project management techniques, while having the ability to support meetings when required.· Ability to present clear, consistent information and professional risk reporting to directorate and executive to highlight highest priority risks and their treatment plans. · Work directly with internal business partners to assist in the identification and assessment of potential security risks, establish risk owners, ratings, and management action plans· Develop Standard Operating Procedures (SOP) to document procedures for risk assessments, third party assessments, and business process workflows for Security Governance, Risk, and Compliance· Document recommendations and implementation of corrective action plans to remediate issues for identified deficiencies. Monitor the progress of plans for on time completion· Counsel and guide business partners in identifying risks and potential risk mitigation alternatives commensurate with the risk identified and consistent with risk appetiteUtilizing working knowledge of IRM (Integrated Risk Management) of ServiceNow to build GRC processes within it.· Ensure that fundamental information on accountable technology is accurate (e.g. KB Articles / process maps / training documents and presentations / RACI / Contract information).· Identify problems that cause negative impact to Our Client or the team and help to create solutions.· Provide on-the-job training and peer review to team members· Feed recommendations into strategic plansRequired Skills and Experience :· Security qualifications. i.e., CISSP, CISM.· Work directly with technology, and business partners to assess security risk controls to ensure data is adequately safeguarded· Experience in conducting internal security assessments and reviews· Experience in articulating and documenting information security risks· Customer driven; help bring the voice of customer into every technical decision.· Influencing the security agenda across a large enterprise.· Experience with security and privacy controls deployed in large enterprise and cloud environments· Able to independently solve straightforward problems by investigating fully and provide recommended solutions for more sophisticated problems.· A driven demeanour will thrive at Our Client. Proactive mentality is a must.· Ability to clearly communicate information security concepts and complex technical topics to a wide audience of both technical and non-technical personnel (business leaders, auditors, legal staff, engineers)· Execution oriented with an ability to manage multiple projects simultaneously with a focus on outcomes driving impact· Ability to effectively work and collaborate with technical and non-technical resources.· Demonstrates the ability to manage and prioritize multiple projects simultaneously and adapt to rapidly changing schedules, priorities, and workflows.· Attention to detail, ability to multi-task and maintain composure when under pressure· Agile, self-starter and can prioritize quickly and effectively. Contributes through the quality, accuracy and timeliness of the tasks/services provided by self, and quality control of work provided by others.“Nice To Have” Skills and Experience :· Hands on experience implementing security within public cloud services (AWS, Azure, Google)· Good familiarity with other Enterprise Security organization (can identify which team fulfils which roles) and a Solid understanding of ITIL processes.· Experience working in a security role focused on technical controls, services and procedures. · Demonstrates a good understanding of the variety of technical security control concepts, procedures and systems (e.g., Email Security, AV, EDR, Firewalls).· Experience with Configuration Management Database (CMDB)· Strong familiarity with security standards, and audit requirements including NIST CSF, 800-53, ISO 27001, PCI DSS, and SOC 2 Type 2 reports
In Return:Our Client is an equal opportunity employer, committed to providing an environment of mutual respect where equal opportunities are available to all applicants and colleagues. We are a diverse organization of dedicated and innovative individuals, and don’t discriminate on the basis of any characteristic 


If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now.
If this job isn't quite right for you, but you are looking for a new position, please contact us for a confidential discussion on your career.
# 4598870

Sign up for our newsletter

The latest news, articles, and resources, sent to your inbox weekly.

Similar Jobs

Security Analyst

Hiring: IAM Analyst – Operational Focus | Financial ServicesOur client, a global leader in financial services, is seeking anIAM Analyst with an operational focusto support their Identity and Access Management (IAM) framework. This is an exciting opportunity to join a high-caliber team, helping to secure critical assets and improve operational...

Harrington Starr London

Security Analyst

XDR Security AnalystSummaryToday, it is an unavoidable fact that your business critical infrastructure and systems are at risk of attack. The key to good security is a clear understanding of what is most critical to the business. Where you do not have enough internal resources, time or skills to monitor...

NCC Group Newcastle upon Tyne

Security Analyst

XDR Security AnalystSummaryToday, it is an unavoidable fact that your business critical infrastructure and systems are at risk of attack. The key to good security is a clear understanding of what is most critical to the business. Where you do not have enough internal resources, time or skills to monitor...

NCC Group Bristol

Security Analyst

XDR Security AnalystSummaryToday, it is an unavoidable fact that your business critical infrastructure and systems are at risk of attack. The key to good security is a clear understanding of what is most critical to the business. Where you do not have enough internal resources, time or skills to monitor...

NCC Group

Security Analyst - SC/ DV / SOC

Security AnalystSecurity Analyst - DV / SC / SOC / Threat / Security / Cyber / Analyst £40,000 - £45,000 (depending on experience) + attractive benefits, on-site Wiltshire.Are you a talented Security Analyst looking for an exciting opportunity to join a globally renowned organisation? Our client, a global technology powerhouse,...

Adecco South West England

Security Analyst

Are you a security whiz looking to make a real impact?Digital Waffle is seeking a talented Security Analyst to join our clients growing team. This is a fantastic opportunity to work on challenging projects, learn from industry experts, and help protect our clients' critical systems.What you'll be doing:Proactively monitoring and...

Digital Waffle Oxford