
Security Analyst

Hays Specialist Recruitment Limited
Posted 23 days ago, valid for 10 days
Location

Cambridge, Cambridgeshire CB2 8AG, England

Salary

£30,000 - £60,000 per annum

Contract type

Full Time

In order to submit this application, a Reed account will be created for you. As such, in addition to applying for this job, you will be signed up to all Reed's services as part of the process. By submitting this application, you agree to Reed's Terms and Conditions and acknowledge that your personal data will be transferred to Reed and processed by them in accordance with their Privacy Policy.

Sonic Summary

  • Salary: Not specified
  • Experience required: Previous experience in transforming a GRC department
  • Responsibilities include supporting stakeholders on risk assessments, driving transformational change, building third party risk assessment program, and developing SOPs for risk assessments
  • Required skills include security qualifications (CISSP, CISM), experience in conducting internal security assessments, and ability to communicate security concepts to technical and non-technical personnel
  • "Nice to have" skills include hands-on experience with public cloud services, familiarity with ITIL processes, and understanding of technical security control concepts

Job Overview:

The Our Client Technology and Cyber Security Risk Analyst will be working closely with Our Client business stakeholders, customers, and suppliers to identify and understand risk so it can be effectively managed through ServiceNow's IRM module. You will have previous experience in transforming a GRC department and be able to directly transform current services as well as support business as usual activity. This is a global role with responsibility for responding to information security needs across the entire Our Client corporation.

An ideal candidate will have a demonstrated ability to drive security risk change, compliance, and business outcomes, can present security practices to business stakeholders, customers and suppliers, is detail oriented and able to operate effectively under pressure.

Responsibilities:

  • Support internal and external stakeholders on matters of risk assessments and framework requirements (working knowledge of NIST CSF, 800-53). Ensuring security and compliance requirements are understood by those stakeholders
  • Driving transformational change to the Technology and Security Risk program as it evolves to meet changing organizational and regulatory needs.
  • Help build and maintain an effective third party risk assessment program
  • Perform supplier risk assessments, contract reviews, respond to customer security questionnaires and establish that Our Client security and compliance requirements are understood.
  • Develops tactical and trusted relationships within business stakeholders, partners and vendors. Awareness of project management techniques, while having the ability to support meetings when required.
  • Ability to present clear, consistent information and professional risk reporting to directorate and executive to highlight highest priority risks and their treatment plans.
  • Work directly with internal business partners to assist in the identification and assessment of potential security risks, establish risk owners, ratings, and management action plans
  • Develop Standard Operating Procedures (SOP) to document procedures for risk assessments, third party assessments, and business process workflows for Security Governance, Risk, and Compliance
  • Document recommendations and implementation of corrective action plans to remediate issues for identified deficiencies. Monitor the progress of plans for on time completion
  • Counsel and guide business partners in identifying risks and potential risk mitigation alternatives commensurate with the risk identified and consistent with risk appetite
  • Utilizing working knowledge of IRM (Integrated Risk Management) of ServiceNow to build GRC processes within it.
  • Ensure that fundamental information on accountable technology is accurate (e.g. KB Articles / process maps / training documents and presentations / RACI / Contract information).
  • Identify problems that cause negative impact to Our Client or the team and help to create solutions.
  • Provide on-the-job training and peer review to team members
  • Feed recommendations into strategic plans

Required Skills and Experience:

  • Security qualifications. i.e., CISSP, CISM.
  • Work directly with technology, and business partners to assess security risk controls to ensure data is adequately safeguarded
  • Experience in conducting internal security assessments and reviews
  • Experience in articulating and documenting information security risks
  • Customer driven; help bring the voice of customer into every technical decision.
  • Influencing the security agenda across a large enterprise.
  • Experience with security and privacy controls deployed in large enterprise and cloud environments
  • Able to independently solve straightforward problems by investigating fully and provide recommended solutions for more sophisticated problems.
  • A driven demeanour will thrive at Our Client. Proactive mentality is a must.
  • Ability to clearly communicate information security concepts and complex technical topics to a wide audience of both technical and non-technical personnel (business leaders, auditors, legal staff, engineers)
  • Execution oriented with an ability to manage multiple projects simultaneously with a focus on outcomes driving impact
  • Ability to effectively work and collaborate with technical and non-technical resources.
  • Demonstrates the ability to manage and prioritize multiple projects simultaneously and adapt to rapidly changing schedules, priorities, and workflows.
  • Attention to detail, ability to multi-task and maintain composure when under pressure
  • Agile, self-starter and can prioritize quickly and effectively. Contributes through the quality, accuracy and timeliness of the tasks/services provided by self, and quality control of work provided by others.

"Nice To Have" Skills and Experience:

  • Hands on experience implementing security within public cloud services (AWS, Azure, Google)
  • Good familiarity with other Enterprise Security organization (can identify which team fulfils which roles) and a Solid understanding of ITIL processes.
  • Experience working in a security role focused on technical controls, services and procedures.
  • Demonstrates a good understanding of the variety of technical security control concepts, procedures and systems (e.g., Email Security, AV, EDR, Firewalls).
  • Experience with Configuration Management Database (CMDB)
  • Strong familiarity with security standards, and audit requirements including NIST CSF, 800-53, ISO 27001, PCI DSS, and SOC 2 Type 2 reports

In Return:

Our Client is an equal opportunity employer, committed to providing an environment of mutual respect where equal opportunities are available to all applicants and colleagues. We are a diverse organization of dedicated and innovative individuals, and don't discriminate on the basis of any characteristic.

If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now.

If this job isn't quite right for you, but you are looking for a new position, please contact us for a confidential discussion on your career.

Hays Talent Solutions is a trading division of Hays Specialist Recruitment Limited and acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at hays.co.uk
