Description
Information Security Risk Analyst
Role:
- Assist in the design and delivery of security risk management policies and standards.
- Support collaboration with senior management to coordinate a consistent framework and approach to security risk planning, regulatory awareness, adherence, testing, due diligence responses, and reporting on KPIs and KRIs.
- Support the development of inputs and outputs for relevant governance bodies, and prepare reports for the business.
- Maintain the database of client-issued RFP's and RFI's; respond to internal and external database knowledge requests.
- Support the execution of security training Group-wide, differentiating employee groups by risk profile and seniority.
- Execute the risk assessment, remediation and monitoring of information and technology risks associated with the business; report identified risks to business stakeholders and provide remediation recommendations.
- Support engagement with business stakeholders, business/application/solution architecture, IT and operational teams.
- Assist with business cases for the acquisition of new security solutions to drive performance and innovation.
- Support 'proof of concepts' within Security Risk and Information Assurance; provide cost/benefit reports to security management.
- Support collaboration with key business stakeholders to ensure appropriate consideration is given to security requirements in periods of business change and product development.
Profile:
- Handles standard situation by relying on existing procedures and methods, covering several but known domains of expertise.
- Relies on existing processes and policies to take decisions.
- Focuses on execution in his/her domain, according to defined processes and methods. Runs and maintains the operational process.
- Works autonomously on standard activities or non-complex demands. Organises, co-ordinates and plans activities independently. Priorities are set by the job. Uses expertise to challenge the goals and scope of new requests and evaluates the impact of these new requirements