Cyber Risk Analyst Controls - Warwickshire, United Kingdom - Pontoon

Pontoon
Warwickshire, United Kingdom

3 weeks ago

Posted by: Tom O'Connor (beBee Recruiter)


Description

Cyber Risk Analyst (Controls)

Utilities

Remote / 1-2 days per month in office in Warwick

6 months

£500 - £550 per day

In short:
Risk Analyst with an understanding of Cyber and Information Security required to join a multi-national energy company.

You'll be looking for gaps in controls, researching and performing risk assessments, remediating exposure and testing said controls for compliance.


Job Purpose:


To provide support to IT Delivery Centers (DC) in order to support, advise, challenge and monitor (through metrics and assessments) the way that risks are managed, controls are implemented, and findings are addressed.

To take the lead in improving processes and coaching more junior members of the team and reviewing their work.
This is a 2nd line of defence role within the 3 Lines of Defence model for Risk Management.


Primary Roles & Responsibilities:


  • To provide ongoing support, advice and challenge for the 1st line of defence. Build knowledge of, establish, and maintain good working relationships with, assigned DC(s).
  • To be an SME on specific risks and related controls by providing such advice and support.
  • To work with the IT DCs and other Digital Risk & Compliance (DRC) teams to evolve our risk universe and control framework to address identified weaknesses and emerging threats.
  • To assess the effectiveness of controls through the creation of KPIs/KRIs, analysis of metric data and by conducting design and operational control tests.
  • To ensure risks are accurately articulated and appropriate business and IT approval is sought where risks are being accepted or exceptions are being granted.
  • Work with the 1st line of defence to identify risk event root causes and remediation plans.
  • To manage risks, controls and findings within the Archer eGRC tool.
  • To review work done by other members of the team as part of defined QA processes.

Knowledge and Capabilities:


  • Knowledge of the 3 Lines of Defence model for Risk Management.
  • Able to demonstrate a high degree of credibility and influence senior stakeholders within the organisation.
  • Ability to communicate effectively both orally and in writing.
  • Excellent knowledge of information/cyber security and related principles.
  • Thorough knowledge of IT and information/cyber security controls.
  • Self-motivated, able to deliver with minimal supervision, and always aware of the "bigger picture".
  • Ability to interface effectively with other DRC Teams, Information Technology Leadership Team (ITLT), Control Owners, Control Operators, Enterprise Risk Management, Business Units.

Qualification Requirements:


  • CRISC, CISA, CIRM or IRM Certified
