Information Security Analyst - Business Security and Compliance

About The Position

Requirements

• Bachelors Degree required
• 4-7 yr of experience in Cyber Security, risk management, and/or compliance
• Certifications in information security and/or cyber security like CISSP, CISM, CGRC.
• Level of English C1

Nice To Haves

• Knowledge of security control frameworks and standards such as SOC2, ISO 27001, NIST, etc.
• Experience securing cloud-based environments.
• Experience with regulatory requirements.

Responsibilities

• Ensure alignment with Global Cyber security Framework
• Enforce policies, procedures and guidelines.
• Define risk, remediation plans and compensation controls to reduce risk through the use of Deviation Action Treatment Plans (DTAPs)
• Conduct Security Risk Assessments using Group Tools and Processes.
• Review cyber security risks for Vendor, Suppliers, Contractors and other Third-Parties
• Lead the process of critical digital asset compliance including stakeholder communications, reporting, review of evidence and maintaining compliance score
• Identify privacy and other regulatory requirements including AI evaluations
• Assess compliance with Global Cyber security Framework throughout the data and application life cycle (CDA’s, Global ERP systems)
• Assist in cyber crisis management response and/or cyber crisis simulations
• Coordinate cyber security incident response with identified stakeholders to define and minimise impact.
• Provide support Digital and IT Audits by providing responses and evidence related to cyber security controls.
• Lead rules of engagement, scope of work assessments and logistics for penetration testing engagements as well as lead Penetration Testing Efforts (IT & OT)
• Act as Cyber security expert within the organisation.

Benefits

• Medical, Dental, Vision, Life, AD&D, and Disability Insurance.
• 401(k) Retirement Plan with company match
• Tuition Assistance
• Paid Holidays, Vacation, and Sick time.
• Benefits start on the first day of employment.