Information Security Analyst - Risk
This job does not exist anymore.
Or fill in the form below to receive job alerts.
|Area||West Midlands, UK|
|Job Ref||ISA(R)- LD|
Information Security Analyst – Risk
Monarch IT is looking for an Information Security Analyst to represent a market leading Retail Group. The opportunity will play a key role in the Risk team who are responsible for maintaining the Information Security Risk register, ensuring that risks are up to date, with owners agreed timelines for remediation and control
Currently the Information Security team has around 60 employees and following a recent acquisition they are now looking to further grow their Information Security team within a great company cultural environment and opportunities to further develop you skillset with training and development from some of the leading industry experts.
- Identify and document Information Security risks and Maintain the InfoSec risks and issues in Risk register
- Assist with planning, designing and implementing an overall risk management process
- Work as part of the wider InfoSec team for incidents and other areas to understand and document risks
- Maintain the Information Security & IT Risk reduction programme
- Generation of compliance reports for audit by the Information security function
- Develop a strategy for advancing risk management maturity across IT and the business
- Introduce and promote a Risk Management Framework, underpinned by the design of risk templates, risk procedures and guidelines
- Liaise with group audit, risk and other functions to ensure an appropriate exchange of knowledge and information is maintained at all times
- Establish risk management awareness through the design and delivery of risk workshops and 1-2-1 sessions
- Adhere strictly to compliance and operational risk controls in accordance with Sainsbury’s Group and regulatory standards, policies and practices
- Degree or relevant industry experience (Info Sec, IT or technology projects)
- Knowledge or Experience of Risk Management, Audit or IT Security
- Practical Knowledge of ISO27001/2 standards
- CISSP, CISM, CCSP, CEH or equivalent certified (desirable but not essential)
- Knowledge of the principles of Information Security