Information Security Risk and Compliance Analyst - London, United Kingdom - Auricoe

    Auricoe
    Auricoe London, United Kingdom

    Found in: Jooble UK O C2 - 1 week ago

    Default job background
    Description

    A FTSE 100 blue chip Media organisation based in Central London requires an Information Security Risk Analyst / Info Sec Risk Analyst to join a large and rapidly expanding team.

    The role is a fully hybrid position - 1 day a week in the office (4 days / week homeworking)

    The Information Security Risk Analyst / Information Security Analyst / IT Risk role will be responsible for assessing security risks and monitoring risk indicators and remediation activities across the Group.

    Key Responsibilities - Information Security Risk Analyst

    Supporting the Information Security Risk Manager in building and maintaining the Risk framework in the Information Security Risk Register tool.

    Understand and measure the information security risk posture of divisions to assess security risks and monitor remediation activities.

    Report on the status of risks and on the risk profile of divisions to the InfoSec team and the Risk Committee as needed.

    Perform risk assessments in line with security best practice.
    Record risks in the Information Security Risk Register, and updating those with findings, controls and remediation plans.
    Provide advice and guidance on risk remediation actions.

    Support the Information Security Risk Manager with the development, delivery and management of reporting capabilities on Information Security risks and Key Risk Indicators.

    Liaise with business stakeholders to advise them on the status of their security risks.
    Support divisional Information Security Officers with their security risk assessments.
    Work collaboratively with the Third Party Risk Analyst to ensure consistent risk analysis and management.
    Contribute to the overall Information Security programme of improvements across the Group.
    Skills & Experience - Information Security Risk Analyst
    ~3-5 years of experience in Information Security (InfoSec) Risk fundamentals.
    ~ Experience in working with Governance Risk Compliance (GRC) tools.
    ~ Experience in performing impact, likelihood and risk analyses / assessments.
    ~ Ability to 'translate' technical security issues to business risk.
    ~ Effective and creative problem-solving skills.
    ~ Understanding of (InfoSec) risk management concepts
    ~ This is an outstanding Information Security Risk Analyst opportunity with one of the most renowned InfoSec team, with a track record of training, developing and rapidly promoting Info Sec Analyst talent.