December 07 2021


Job Opportunity: Senior Security GRC Analyst: VANRATH IT

Job description:



Senior Security GRC Analyst

VANRATH Information technology
£75,000 - £85,000


VANRATH are pleased to be working with a leading law firm who are seeking to recruit a Senior Security GRC Analyst.
Responsibilities:
   » Participate in and lead all aspects of the Information Technology audit function, including planning, audit program development, control analysis, testing, issue development, and reporting
   » Respond to client information security audits in a timely, accurate, and effective manner
   » Provide effective responses to client Requests for Proposals and Requests for Information in support of the business development function
   » Ensure that scoped systems are monitored and audited relative to the requirements set forth in the firm's ISMS
   » Report on compliance with the firm’s information security policies and procedures
   » Monitor control systems to ensure that appropriate information access levels and security clearances are maintained
   » Provide guidance and support for the System Governance Virtual Team
   » Coordinate internal and external audit engagements with constituents
   » Provide status reports to the Information Technology GRC Manager, Associate Director and other ISMS stakeholders
   » Maintain records of audit findings and ensure that corrective actions are implemented per the agreed remediation schedule
   » Develop standardized responses and documentation for external audits
   » Develop and provide metrics evaluating the effectiveness of the Information Technology GRC function, and Information Technology GRC's compliance with assigned ISMS responsibilities
   » Provide guidance to Legal regarding acceptable contract terms and conditions
   » Review and redline security schedules and other security requirements connected with proposed client contracts
   » Provide input into policies, standards and procedures. Author standards and procedures designed to safeguard sensitive information
   » Contribute to the Firm's security-related information repositories and other marketing/awareness endeavours
   » Monitor the latest developments in the Information Technology GRC discipline and utilize that knowledge for continual improvement by providing formal and informal strategic and tactical plans and roadmaps to the Information Technology GRC Manager and other stakeholders
   » Mentor junior members of the Information Technology GRC group
Skills and experience:
Technical Knowledge and Skills
   » Thorough knowledge of security concepts and best practices
   » Authoritative knowledge of audit principles applied to common information security domains such as security policy, organizational structure, asset management, human resources, physical security, operations, communications, access control, development and acquisition, incident management, business continuity, and compliance
   » Authoritative knowledge of principles, theories, techniques, and methods of information system analysis and risk assessment
   » Authoritative knowledge of security frameworks such as ISO 27001, NIST, SANS CSC
   » Working knowledge of common information systems such as Active Directory, networking, endpoint management, application development principles, cloud security and SQL
   » Working knowledge of common GRC and vendor risk management platforms
   » Proficient in the use of Microsoft Excel, Word and other office automation software
   » Capable of providing assistance with the preparation of internal training materials and documentation
Non-Technical Skills
   » Sufficient business acumen to understand the business drivers connected with risk management concepts, particularly those affecting client audits, RFPs, and contractual terms
   » Functional leadership skills such as the ability to direct the actions of others, to facilitate meetings, and to report status in a clear and concise manner
   » Strong written and oral communication skills. Ability to convey complex concepts to non-technical constituents. Proficiency in oral and written English
   » Strong project management, analytical and interpersonal skills
   » Ability to set priorities independently given broad executive requirements
   » Demonstrates flexibility in response to the ever-changing priorities of a service provider organization
   » Passionate in the practice and pursuit of Information Technology GRC excellence
   » Provide exemplary customer service by striving for first call resolution and demonstrating empathy, respect, professionalism, and skills
   » Maintain critical thinking and composure under pressure
   » Gather and analyze facts, draw conclusions, define problems, and suggest solutions
   » Internalize and act upon constructive feedback
   » Adopt new skills and improve existing skills in a dynamic environment
Minimum Education / Experience

   » Possess a Computer Science, Information Assurance, or Information Systems Bachelor’s Degree or substantial equivalent experience
   » Strong practical experience in information security technical operations
   » Strong management or managerial experience in information security with a focus on IS audit, compliance, and risk management


Job Category: Customer Service
Salary: Unspecified
Degree: Unspecified
Experience (year): Unspecified
Job Location: Belfast, Other
Company Type: Employer
Post Date: 11/25/2021 / Viewed 3 times