This job has expired

Governance Risk and Control Analyst/Tester

Proactive Appointments
Closing date
17 Sep 2021

View more

Technology & New Media
Contract Type
You need to sign in or create an account to save a job.
Governance Risk and Control Analyst/Tester

Inside IR35

Leading banking client requires an experienced Governance Risk and Control Analyst/Tester to join on an initial 6 month contract to conduct controls testing of cybersecurity controls against industry security frameworks (e.g., SOX ISO27001. NIST Cybersecurity Improvement framework, FFIEC).
  • Experience of working as an IT auditor, security auditor or governance, risk and compliance analyst
  • Good understanding of cybersecurity/IT control frameworks including but not limited to frameworks from SOX, FFIEC, ISO27001, NIST, Cloud Security Alliance, and PCI-DSS
  • Proven understanding of current best practice approach to security assurance and the application of security frameworks
  • Experience in project management
  • Planning and prioritizing multiple project work streams in response to rapidly developing and changing portfolios.
  • Experience of security risk management
  • Broad knowledge of computer, networking and IT security systems including operating systems, databases, firewalls, SIEM, DLP etc
  • Ability to handle ambiguity and make decisions and recommendations with limited data
  • Solid analytical/problem-solving skills with capability to identify solutions to unusual and complex problems
  • Good presentation, documentation and reporting skills

Essential skills:
  • Experience in managing multiple tasks with broad scope, ambiguity, and high degree of difficulty
  • Experience in providing assurance for cybersecurity technologies, policies, standards and procedures
  • Demonstrable proficiency in a wide range of information IT security domains such as Security Governance, Identity and Access Management, Access Controls, Threat Intelligence, Asset Management, Risk Management, Security Assessment/Testing, Security Incident Management and Vulnerability and Patch Management
  • Possessing high level of analytical ability where problems are typically unusual and difficult
  • Ability to maintain a working knowledge of cybersecurity principles and elements
  • Understand global IT risk management structure
  • Demonstrable experience of senior stakeholder management and relevant management reporting.
  • Ability to coach team members through knowledge transfer and constructive feedback

Governance Risk and Control Analyst/Tester

Due to the volume of applications received for positions, it will not be possible to respond to all applications and only applicants who are considered suitable for interview will be contacted.

Proactive Appointments Limited operates as an employment agency and employment business and is an equal opportunities organisation

We take our obligations to protect your personal data very seriously. Any information provided to us will be processed as detailed in our Privacy Notice, a copy of which can be found on our website
You need to sign in or create an account to save a job.

Get job alerts

Create a job alert and receive personalised job recommendations straight to your inbox.

Create alert