We use cookies to make your experience of using our website better. To comply with the e-Privacy Directive we need to ask your consent to set these cookies.

Security Risk, Compliance & Audit Analyst

col-narrow-left 

Job ID:

48508

Location:

Oxfordshire 

Salary:

£450.00
col-narrow-right 

Job Views:

14

Employment Type:

Contract

Posted:

23/08/2018
col-wide 

Job Description:

Security Risk, Compliance & Audit Analyst/Consultant is required by my global client.

ABOUT THE ROLE:

Business Process & Risk is a newly created department, as a second line of defence function, its primary role is to:

* Develop the framework ( guardrail ) on how our business stakeholders should manage risks through good processes and controls

* Support business process owners develop and design policies, processes and controls

* Monitor implementation and adherence to policies and processes

* Provide good practice advice in driving process and controls optimisation

* Support and challenge our stakeholders on how they manage risks, controls and governance

The scope of work covers a broad range of risks, from financial, technological, compliance to operations. We work with a wide group of stakeholders from Business Process Owners in EHQ, senior leaders in local markets, and stakeholders at the Group level.

SCOPE OF THE ROLE:

Independent review of our security process level controls:

Carry out the technical review of tools and security controls implemented to ensure compliance

Identify gaps from where we are v Group policy

Identify where we also need new/other policies based on our risk profile

Support development of a security controls programme:

Support the Director of Business Process & Risk in developing a Security Risk definition with IT and the Group Cybersecurity team for application in EMEA

Define at process level the roles and responsibilities between IT & Risk team

Define an action plan for developing and implementing technical and process level controls

Recommend technical controls to be in place and what actions are needed

Where technology solutions are required, recommend the most suitable solution/additional work we need to put in place

Define the actions required to implement these controls and technology

Prioritise these actions based on risks and effort

Define a regular security risk and controls monitoring programme

Support the Director of Business Process & Risk in defining a regular security work programme to monitor security risks and incidents - security controls matrix, test programme

Develop security reporting for senior executives and IT stakeholders (dashboard templates, process to create these reports)

REQUIREMENTS:

* Experience in data protection and legal compliance

* Experience in developing a security risk and controls programme

* ISO 27001 Implementer/Lead Auditor certified.

* Solid knowledge of GDPR and national data protection laws

* Knowledge of data processing operations

* Expert in access control and implementing within Office 365/OneDrive

* Expert in the reviewing and testing technical security controls

* Expert knowledge and experience in the security tools, such as the following, a plus:

* SCCM

* Netwitness

* Nessus

* Cisco Umbrella

* Comodo

* Bitlocker

This is a fantastic opportunity to secure a contract within a dynamic, global organisation. Please send your CV in the first instance and you will be contacted with full role information.

Logic Engagements Ltd is a leading provider of IT staff to clients, consultancies and to product suppliers/authors.

Our consultants deliver a highly professional service, always backed up by our team of specialist resourcers who are all experienced in their own markets. This ensures that we fully understand our clients' requirements and our candidates' skills and needs.

If you have the relevant skills and experience for this position we would welcome your application, however please note that we often receive high levels of responses to our advertisements so can only immediately respond to those that are a close match. .

Logic Engagements Ltd operates as an employment agency and employment business
Company Info
Anonymous

Company Profile



Company Info


Anonymous

Phone:
Web Site:

Security Risk, Compliance & Audit Analyst

col-narrow-left 

Job ID:

48508

Location:

Oxfordshire 

Salary:

£450.00
col-narrow-right 

Job Views:

14

Employment Type:

Contract

Posted:

23/08/2018
col-wide 

Job Description:

Security Risk, Compliance & Audit Analyst/Consultant is required by my global client.

ABOUT THE ROLE:

Business Process & Risk is a newly created department, as a second line of defence function, its primary role is to:

* Develop the framework ( guardrail ) on how our business stakeholders should manage risks through good processes and controls

* Support business process owners develop and design policies, processes and controls

* Monitor implementation and adherence to policies and processes

* Provide good practice advice in driving process and controls optimisation

* Support and challenge our stakeholders on how they manage risks, controls and governance

The scope of work covers a broad range of risks, from financial, technological, compliance to operations. We work with a wide group of stakeholders from Business Process Owners in EHQ, senior leaders in local markets, and stakeholders at the Group level.

SCOPE OF THE ROLE:

Independent review of our security process level controls:

Carry out the technical review of tools and security controls implemented to ensure compliance

Identify gaps from where we are v Group policy

Identify where we also need new/other policies based on our risk profile

Support development of a security controls programme:

Support the Director of Business Process & Risk in developing a Security Risk definition with IT and the Group Cybersecurity team for application in EMEA

Define at process level the roles and responsibilities between IT & Risk team

Define an action plan for developing and implementing technical and process level controls

Recommend technical controls to be in place and what actions are needed

Where technology solutions are required, recommend the most suitable solution/additional work we need to put in place

Define the actions required to implement these controls and technology

Prioritise these actions based on risks and effort

Define a regular security risk and controls monitoring programme

Support the Director of Business Process & Risk in defining a regular security work programme to monitor security risks and incidents - security controls matrix, test programme

Develop security reporting for senior executives and IT stakeholders (dashboard templates, process to create these reports)

REQUIREMENTS:

* Experience in data protection and legal compliance

* Experience in developing a security risk and controls programme

* ISO 27001 Implementer/Lead Auditor certified.

* Solid knowledge of GDPR and national data protection laws

* Knowledge of data processing operations

* Expert in access control and implementing within Office 365/OneDrive

* Expert in the reviewing and testing technical security controls

* Expert knowledge and experience in the security tools, such as the following, a plus:

* SCCM

* Netwitness

* Nessus

* Cisco Umbrella

* Comodo

* Bitlocker

This is a fantastic opportunity to secure a contract within a dynamic, global organisation. Please send your CV in the first instance and you will be contacted with full role information.

Logic Engagements Ltd is a leading provider of IT staff to clients, consultancies and to product suppliers/authors.

Our consultants deliver a highly professional service, always backed up by our team of specialist resourcers who are all experienced in their own markets. This ensures that we fully understand our clients' requirements and our candidates' skills and needs.

If you have the relevant skills and experience for this position we would welcome your application, however please note that we often receive high levels of responses to our advertisements so can only immediately respond to those that are a close match. .

Logic Engagements Ltd operates as an employment agency and employment business