Description
Senior Information Security Analyst
Division
To face the ever evolving threats we are evolving and expanding the Group Security & Business Resilience Division.
As a global critical financial infrastructure, the protection of information and assets is fundamental to the company's business. Security is at the core of our services, firmly Embedded in the management systems and processes of the company. You will be joining our Group Security & Business Resilience (GSBR) in charge of putting in place the required controls to adequately and effectively protect our information assets.
Team
The objective of Business Continuity & Resilience Management is to reduce business interruptions, ensure the continuity of business, minimize financial impacts, create resilience strategies to reduce the impact of a threat and the development of plans to respond and recover from threats that cannot be controlled or mitigated.
The team collaborates across the organisation, with IT and business teams and functions such as HR, Risk Management and Compliance.
Role
Within the Group Business Continuity team & Crisis Management team, you will:
- Contribute to define the strategy and support the implementation of one of the Security projects aiming at reducing third parties (providers, business partners, clients) security risks across the group.
This project covers the end-to-end third party's security risk management process and will be progressed in close collaboration with Supply Chain and other teams.
This process will be based on the following key elements:
- A risk profiling of suppliers/third parties (new and existing);
- A security risk assessment tailored to the risk profile
- Management of the residual risks in line with the risk management framework
- Contractual requirements and termination
- Alongside to this project the contractor will be an information security advisor to the business on different topics, including current vendor's assessments.
- The contractor will join a small team of security analysts who already started the project a few months ago using Agile way of working.
Technical skills
- Education: Degree in IT or Business
- Strong experience of Information Security (including certifications) and of third parties security management
- Languages: English
Soft skills
- You are able to set the direction of a project and like working with different people and have strong oral and written communication skills.
- You are accurate, timely and able to organise yourself independently. You have strong attention to details.
- You like to work in team, to coordinate and you can adapt your approach depending on your counterpart