SonicJobs Logo
Left arrow iconBack to search

Senior Information Risk Analyst ( Chester / Hybrid )

Michael Page
Posted 13 days ago, valid for 6 days
Location

Chester, Cheshire CH12JH, England

Salary

£60,000 - £70,000 per annum

Contract type

Full Time

By applying, a CV-Library account will be created for you. CV-Library's Terms & Conditions and Privacy Policy will apply.

Sonic Summary

info
  • This role is focused on supporting the Information Security Risk program to protect the organization and its stakeholders.
  • The position requires a minimum of 3 years of experience in IT Governance, Risk, and Compliance (GRC), particularly in information security risk management.
  • The salary for this role is competitive, reflecting the candidate's experience and qualifications.
  • The job offers excellent career prospects, hybrid working arrangements, and benefits including Private Medical and Life Assurance.
  • Candidates should possess strong stakeholder management skills and familiarity with security best practices such as ISO27001 and NIST.

This role will take the key part in supporting the Information Security Risk program, ensuring it's effectively implemented to protect the organisation, its customers, and stakeholders. You will report to the Head of Information Security GRC. This role is a hybrid role with 2 days working on-site in Chester

Client Details

My client is a global software development business, who is keen to offer both career and professional development to its employees.

Description

  • Contribute to the execution of the information security strategy, including advanced global projects.
  • Increase awareness of risk identification and management within the organisation.
  • Oversee and update the information security risk register to ensure compliance with policy.
  • Generate, manage, and analyse risk management data
  • Collaborate with business leaders to manage risks in accordance with policy.
  • Develop and deliver risk education and awareness training across the organisation.
  • Conduct risk assessments for new projects.
  • Manage supplier risk activities, including contract reviews.
  • Establish and maintain the Operational Resilience and Redundancy program.
  • Plan and coordinate annual resilience testing, supporting business functions to meet expectations.
  • Lead and conduct annual business impact analyses.
  • Respond to customer and supplier requests for information security risk information

Profile

  • Demonstrated experience in IT GRC ideally focusing on information security risk management.
  • Excellent stakeholders management skills
  • Experience in 3rd party risk management
  • Familiar with security best practices: ISO27001, NIST, Cyber Essentials plus, PCI DSS
  • With experience in Business Continuity is preferred
  • With certifications of CRISC / CISM / CISMP is preferred

Job Offer

  • Excellent career prospect and support in professional development
  • Hybrid working
  • Private Medical and Life Assurance

Apply now in a few quick clicks

By applying, a CV-Library account will be created for you. CV-Library's Terms & Conditions and Privacy Policy will apply.