Information Security Risk Analyst
To provide expertise and assistance to ensure that YNAPs infrastructure and information assets are sufficiently protected. Working with the Information Security team, the individual will perform risk assessment reviews to support the supplier due diligence process.The Information Security Risk Analyst will use initiative to select and advise on the appropriate methods necessary for risk remediation and continual risk monitoring.
- Participates with business team(s) to gather a full understanding of project scope and business requirements
- Assists in the development of processes and procedures pertaining to risk assessments, assessment finding mediation and assisting risk owners with remediation plans.
- Assesses business requirements against security concerns and articulates issues and potential risks to business stakeholders.
- Analyses third party processes and requirements to determine conformance to YNAP security policies and procedures.
- Works directly with the third parties and internal YNAP departments to facilitate information security risk analysis and risk management processes and to identify acceptable levels of residual risk.
- Creates, disseminates and updates documentation of identified information security risks and controls.
- Provides support in the creation of reports which articulate information security trends and vulnerabilities.
- Assesses threats and vulnerabilities regarding information assets and recommends the appropriate information security controls and measures.
- Manage and maintain the Information Security Risk Register
- 5 + years Information Security experience
- Risk Management Background
- Supplier Security Assessments
- Experience with working within a control framework
- Knowledge of ISO 27000 series of standards, NIST Cybersecurity Framework, CIS Critical Security Controls.
- Effective interpersonal skills necessary to collaborate and influence all levels of personnel.
- Proficient verbal and written communication skills
Reports to: Information Security Risk ManagerLocation: London, W12Hours: 37.5hrs/weekTo Apply: Via WebsiteYOOX NET-A-PORTER GROUP is an equal opportunities employer, if you require any reasonable adjustments for your interview please do not hesitate to advise us accordingly.YOOX NET-A-PORTER GROUP is the world’s leading online luxury fashion retailer. The Group is a Global company with Anglo-Italian roots, the result of a game-changing merger, which in October 2015, brought together YOOX GROUP and THE NET -A-PORTER GROUP; the two companies had revolutionized the luxury fashion industry since their birth in 2000.YOOX NET-A-PORTER GROUP is a unique business with an unrivalled offering including multi-brand in-season online stores NET-A-PORTER and MR PORTER, and multi-brand off-season online stores YOOX and THE OUTNET, as well as numerous ONLINE FLAGSHIP STORES, all “Powered by YNAP”. Through a joint venture established in 2012, YOOX NET -A-PORTER GROUP has partnered with Kering to manage the ONLINE FLAGSHIP STORES of several of the French group's luxury brands. In 2016, YOOX NET-A-PORTER GROUP joined forces with Symphony, an entity controlled by Mohamed Alabbar’s family, to establish a ground-breaking joint venture to create the Middle East’s undisputed leader for online luxury retail.Uniquely positioned in the high growth online luxury sector, YOOX NET-A-PORTER GROUP has an unrivalled client base of more than 2.9 million high-spending customers, 29 million monthly unique visitors worldwide and combined 2016 net revenues of €1.9 billion. The Group has offices and operations in the United States, Europe, Japan, China and Hong Kong and delivers to more than 180 countries around the world. YOOX NET-A-PORTER GROUP is listed on the Milan Stock Exchange as YNAP.
This job was originally posted as www.cwjobs.co.uk/job/77568577