Security Risk Assessor - Reigate, United Kingdom - Willis Towers Watson
Description
Security Risk Assessor- Reigate, GB
We are looking for a Cyber Risk Assurer to support the Technology division of the Insurance Consultancy and Technology (ICT) business unit in managing cyber security risk, particularly in its expanding SaaS portfolio.
As a cyber risk assurer, you will:
- Work with development teams to identify cyber security risks, agree management of those risks and proactively monitor risks and agreed remediations;
- Respond to client security questionnaires and RFPs promptly, consistently and accurately;
- Develop, support and maintain the knowledge database of products within the RFP tool, Loopio;
- Support audit compliance work, particularly with the identification, gathering and maintenance of evidence libraries for client audits and international standards audits
- Support the development and running of Security Working Groups, including tracking activity and liaising with software delivery teams;
- Development and production of management information and monthly reports;
The essential skills / experience for this position are:
- Experience of working in a similar cyber security role within Governance, Risk and Compliance;
- Strong familiarity with responding to cyber security questionnaires and RFPs, and with using and maintaining tools to facilitate this process;
- Good understanding of cyber security concepts, controls and cyber risk management;
- Broad understanding of international security standards, such as SOC2, ISO27001, and of related legislation and regulation, such as GDPR;
- Good analytic thinking, written and oral skills;
- A genuine interest in cyber security, and a desire to learn more;
- A desire to work closely and cooperatively with software developers, platform managers, operations teams and all those critical to the development and running of desktop and SaaS products
Desirable skills / experience for this position are:
- Experience of working in DevSecOps environments
- Experience of working in the Cloud environment with Cloud controls
- Experience of being part of a team of security, assurance, and/or compliance professionals
- Information Security specific qualifications (such as CISM, CISSP, CISA)
- Degree in a relevant Business or Information Technology area
- Experience of working within internal or external audit, either within a previous organisation or as part of a professional services firm is desirable
More jobs from Willis Towers Watson
-
Technical Claims Consultant
London, United Kingdom - 1 week ago
-
Membership Administrator-12 Months Ftc
Northwich, United Kingdom - 6 days ago
-
Training & Competency and Compliance Supervisor
London, United Kingdom - 3 weeks ago
-
Client Service Team Member
Cross, United Kingdom - 1 month ago
-
Account Executive, Account Services
London, United Kingdom - 1 week ago
-
Financial Security Analyst
Ipswich, Suffolk, United Kingdom - 4 weeks ago