IT Risk and Security Analyst - Governance; CISM; CISA; CISSP; MBCI

Proprius Recruitment Ltd
£40,000 to £55,000 + Excellent Bonus & Benefits
06 Oct 2017
06 Nov 2017
Contract Type
Full Time
Senior IT Risk and Security Analyst - Governance; CISM; CISA; CISSP; MBCI; ISO 27000, ISO 22301, ISF SOGP, COBIT One of the UK's largest and most respected Insurance and Investment companies is looking for a skilled IT Risk & Security Analyst to join their expanding team. Working as a Senior IT Risk and Security Analyst - Governance means becoming part of a brand with a global reputation and an exciting vision: to be the leader in helping customers achieve their long-term financial goals. If you're inspired to join us, and if you have the necessary qualities, then this could be the opportunity you've been looking for. As a Senior IT Risk and Security Analyst- Governance within the IR&S Governance and Risk Management team, you will play a key role in managing IT and Information Security Risk effectively on behalf of the company This is an interesting and varied role, involving interaction with stakeholders at all levels of the organisation, both directly and via involvement in Governance committees and working groups. As well as driving development of the IT and Information Security policy control frameworks, and ensuring accurate and timely reporting of risk and compliance, the successful candidate will have the opportunity to develop and deliver education and awareness activities across the UK business. We are seeking to achieve a blend of experience within this team, so whilst a breadth and depth of knowledge and experience is desirable you don't need to be fully experienced or have knowledge of all aspects of IT risk and security, provided you can demonstrate excellent learning ability and a genuine interest in building your career in this area, coupled with some relevant experience (e.g. technology audit, risk management, business continuity) and strong interpersonal skills. Key responsibilities: - Managing and reporting IT and information security risk via OpenPages risk register and associated processes * Assessment and reporting of compliance with IT and Information Security Policy via governance returns, e.g. Turnbull SYSC * Creation and delivery of Information security and IT MI to support management decision making * Providing responses to Information Security due diligence requests from clients/prospects and advice on contractual clauses * Support for and contribution to Governance committees and working groups * Providing consultancy and guidance to ensure common understanding of policy / framework requirements * Delivery and maintenance of team processes, guidance, templates, trackers to enable full audit trail of activity * Planning and delivery of communication and awareness activities programme * Staying abreast of regulatory, legislative aspects and industry best practice Skills and Knowledge; - Graduate in relevant subject or relevant professional qualification (e.g. CISM /CISA / CISSP / MBCI) * Experience of IT / information security / business continuity / risk management, ideally within a regulated environment * Knowledge / awareness of IT / information security / business continuity management policies, governance frameworks and best practice (e.g. ISO 27000, ISO 22301, ISF SOGP, COBIT) * Knowledge / experience of IT / information security risk and controls oversight * Strong networking and stakeholder management * Strong written and verbal communication skills * Ability to work independently and manage multiple work items concurrently People who work here agree that ours is a great place to work with a brilliant team spirit. It's also an innovative, high-performing commercial environment that's totally focused on customers. You will get all the support you'd expect, including full training and professional development. You'll receive a competitive salary and reward package. And in a fast-changing world, you'll join an organisation that's leading the way in helping customers achieve their long-term financial goals.
This job was originally posted as