We are looking for a skilled Information Security Analyst to join our team. As an Information Security Analyst, you will play a key role in ensuring the security posture of our organization.
The ideal candidate will have a good understanding of security controls, risk management, and security awareness programs. They will also have experience delivering security assurance activities to ensure security standards and regulatory requirements are met.
* Governance, Risk & Compliance (GRC)
You will maintain and improve the risk management framework aligned with industry standards such as ISO27001 and regulatory requirements.
* Develop, maintain, and enforce information security policy, standards, and procedures.
* Maintain and improve the risk management framework aligned with industry standards such as ISO27001 and regulatory requirements.
* Document, manage, and track security risks on the information security risk register and report key risk indicators (KRIs) and metrics as part of periodic management reporting.
* Conduct periodic risk assessments and risk and control self-assessments (RCSAs) to identify risks and assess control effectiveness.
* Work with IT teams to ensure security controls are in place and effective.
* Support internal and external audits, ensuring our control landscape meets internal and external compliance requirements, logging and tracking findings through to resolution.
* Prepare and present periodic risk and compliance reports to governance forums.
* Security Awareness
You will design and deliver engaging security awareness programs and phishing simulations.
* Design and deliver engaging security awareness programs and phishing simulations.
* Develop training materials tailored to different roles and departments.
* Monitor training effectiveness and adjust content based upon user feedback and threat trends.
* Promote a culture of security through campaigns, newsletters, and events.
* Third-Party Security Assurance
You will provide support for vendor and outsourcing risk management responsibilities.
* Provide support for the Third-Party Security Lead's vendor and outsourcing risk management responsibilities.
* Work with technical teams, security suppliers, and vendor management teams to conduct security assurance on third-party vendors as needed.
* Evaluate third-party vendors to ensure alignment with our security standards.
This role requires strong analytical skills, attention to detail, and excellent communication skills. If you have a passion for information security and a desire to work in a fast-paced environment, we encourage you to apply.