Technology Risk & Controls Analyst (2-4 Years)

Job Description


Salary/Benefits
To attract the very best talent on the market, a generous remuneration package of £28,500 plus a range of fantastic benefits is on offer.

Client
VANRATH are pleased to be working with an industry-leading global professional services network who are recruiting for a high-calibre candidate to fill the Technology Risk and Controls Analyst role.

The Ideal Person

  • 2 or more years' experience in professional roles involving information security, data privacy and/or controls testing.
  • Knowledge of information risk and compliance principles. Broad understanding of security technology and related risk and compliance issues.
  • Senior stakeholder relationship management
  • Excellent attention to detail and a passion for delivering high quality output for clients


Desirable Criteria

  • Cyber Security related certifications including ISO 27001 Lead Auditor, CISA, CISM, COBIT, CISSP, CIPM
  • Degree in Information Technology or related subject or equivalent experience
  • Strong understanding of information security controls & ISMS standards such as ISO 27001/2, COBIT and NIST
  • Experience with SOC2 compliance standards
  • Knowledge of cloud computing environments.
  • Knowledge of characteristics of SaaS, PaaS and IaaS solutions.
  • Evaluating the control environment including review of compensating controls and risk mitigation.
  • Information Security assessment processes, including audit, vulnerability scanning, and security policy and standards review.
  • Creating or managing IT security policies and standards.
  • Experience in reviewing or generating assurance reports such as SOC, ISO, PCI DSS etc.
  • Understanding of Information Security fundamentals across multiple domains, including (but not limited to) security management, security architecture, application security, network security, access control, application development, operations security, physical security, cryptography, telecommunications and networking, business continuity planning, laws, investigations, and ethics.





Responsibilities

  • Perform risk assessment on suppliers and identify risk domains.
  • Conduct remote/onsite security assessments.
  • Review policy and procedures relating to information security and data privacy.
  • Ensure that potential issues are raised promptly and discussed with management to identify options to mitigate risk.
  • Identify, document and communicate control gaps/deficiencies to internal and external stakeholders
  • Demonstrate client management skills throughout the assessment process.
  • Identify process efficiencies/enhancements to keep assessment programs in line with industry best practices.
  • Perform other duties as assigned.
  • Manage a large and diverse portfolio of vendors for the firm.
  • Negotiate remediation plans with suppliers.
  • Maintain open communication channels with senior stakeholders through regular governance sessions, escalating appropriately as and when required.
  • Own the quality of all client outputs and ensure all client and internal document repositories are accurate and up to date





For further information on this vacancy, or any other Cybersecurity job in Belfast or wider Northern Ireland, please apply via the link below or contact Jordan Madden in the strictest confidence.