Description
* Assist in the design and delivery of security risk management policies and standards.
* Support collaboration with senior management to coordinate a consistent framework and approach to security risk planning, regulatory awareness, adherence, testing, due diligence responses, and reporting on KPIs and KRIs.
* Support the development of inputs and outputs for relevant governance bodies, and prepare reports for the business.
* Maintain the database of client-issued RfP's and RfI's; respond to internal and external database knowledge requests.
* Support the execution of security training Group-wide, differentiating employee groups by risk profile and seniority.
* Execute the risk assessment, remediation and monitoring of information and technology risks associated with the business; report identified risks to business stakeholders and provide remediation recommendations.
* Support engagement with business stakeholders, business/application/solution architecture, IT and operational teams.
* Assist with business cases for the acquisition of new security solutions to drive performance and innovation.
* Support 'proof of concepts' within Security Risk and Information Assurance; provide cost/benefit reports to security management.
* Support collaboration with key business stakeholders to ensure appropriate consideration is given to security requirements in periods of business change and product development.
Your Profile:
* Handles standard situation by relying on existing procedures and methods, covering several but known domains of expertise.
* Relies on existing processes and policies to take decisions.
* Focuses on execution in their domain, according to defined processes and methods. Runs and maintains the operational process.
* Works autonomously on standard activities or non-complex demands. Organises, co-ordinates and plans activities independently. Priorities are set by the job. Uses expertise to challenge the goals and scope of new requests and evaluates the impact of these new requirements.