Senior IT Risk and Security Analyst - Global Insurance Brand
Our client is one of the world?s largest insurance companies with a reputation for security excellence and an exciting vision. They require a Senior IT Risk and Security Analyst to help their customers achieve their long-term financial goals.
As a Senior IT Risk and Security Analyst within the overarching Information Security and Governance team, you will play a key role in managing enterprise IT and Information Security Risk effectively.
This is an interesting and varied role, involving interaction with stakeholders at all levels of the organisation, both directly and via involvement in Governance committees and working groups. As well as driving development of the IT and Information Security policy control frameworks, and ensuring accurate and timely reporting of risk and compliance, the successful candidate will have the opportunity to develop and deliver education and awareness activities across businesses UK operations.
The role requires an individual with a blend of experience. While a breadth and depth of knowledge and experience is desirable you don?t need to be fully experienced or have knowledge of all aspects of IT risk and security, provided you can demonstrate excellent learning ability and a genuine interest in building your career in this area, coupled with some relevant experience (e.g. technology audit, risk management, business continuity) and strong interpersonal skills.
- Managing and reporting IT and information security risk via OpenPages risk register and associated processes
- Assessment and reporting of compliance with IT and Information Security Policy via governance returns, e.g. Turnbull SYSC
- Creation and delivery of Information security and IT MI to support management decision making
- Providing responses to Information Security due diligence requests from clients/prospects and advice on contractual clauses
- Support for and contribution to Governance committees and working groups
- Providing consultancy and guidance to ensure common understanding of policy / framework requirements
- Delivery and maintenance of team processes, guidance, templates, trackers to enable full audit trail of activity
- Planning and delivery of communication and awareness activities programme
- Staying abreast of regulatory, legislative aspects and industry best practice
Skills and Knowledge:
- Graduate in relevant subject, relevant professional qualification (e.g. CISM /CISA / CISSP / MBCI) or willingness to undergo training courses
- Experience of IT / information security / business continuity / risk management, ideally within a regulated environment
- Awareness of IT / information security / business continuity management policies, governance frameworks and best practice (e.g. ISO 27000 series, ISO 22301, ISF SOGP, COBIT)
- Knowledge of information security risk and controls oversight
- Able to network and communicate effectively with different stakeholders
- Strong written and verbal communication skills
- Ability to work independently and manage multiple work items concurrently
The company offers a state of the art working environment and a brilliant team spirit. You will get all the support you?d expect, including full training and professional development. Above and beyond the attractive salary and range of personal benefits, you will join an organisation that?s leading the way in helping customers achieve their long-term financial goals.
This job was originally posted as www.jobsite.co.uk/job/959350406