Senior IT security Analyst

Contract Type
This position is archived.
This position is archived.
Job description

Working within the Global Information Security (GISO) team, this role supports both the regional and global teams with the provision and analysis of insightful, consistent and quality information security data obtained from the wider team, IT partners, third party suppliers and Business Units across the Company. In conjunction, the role will also assess information security risks through knowledge of security threats.

  • Provide support in vendor (3rd party) risk assessments including the delivery of quality inputs/ outputs for the meetings and the subsequent follow up on agreed actions and remediation
  • Provide timely, consistent and fit for purpose reporting through the collation and analysis of risk assessment data, third party suppliers and the SOC with inputs from the Information Security Leads
  • Maintain current assessments of C&W’s current global security posture, particularly with respect to client-related information services, using the associated SIG and SIG-lite questionnaires; such services may include C&W, closely held third party organizations, and third party organizations under long-term agreement.
  • Develop standard responses for client security questionnaires, particularly those based on the Shared Assessments methodology, for use in building a scalable response process.
  • Collaborate with Service Line organizations in responding to client security questionnaires, using standard answers where possible, and participating in client security audits.
  • Support the continuing embedding of the Information Security Risk Framework and processes
  • Ensure information security governance and processes align to the wider programme of information security processes and that they operate effectively.
  • Work with the wider Information Security Team to deliver an effective ‘second line of defence’ enabling the Technology function to add value through the delivery of high quality and timely outcomes to the Business which strengthen security risk and posture.
  • Degree or equivalent work experience in computer science, information systems, or related field
  • 2-3 years’ experience in an IT Security or IT Risk position
  • Experience with IT risk standards and industry best practice approaches, such as ISO 27001 / 2, CoBIT, COSO, ITIL, etc.
  • Maintain knowledge of, and contribute to, IT General Controls, SOC 1&2 controls, and ISO 27000 security controls.
  • Strong interpersonal skills and ability to work cross-functionally and across divisions with others
  • Knowledge of vendor assessment methodologies, IT policies and standards, awareness and training preferred.
  • Ability to work in more than one major IT discipline (e.g., distributed computing, networks, financial applications design and development, IT security and business recovery).
  • Excellent planning and organisational skills to co-ordinate risk assessments, reporting, control and assurance activities
  • Attention to detail and a track record of delivering high quality reports of accurately presented data in a meaningful and appropriate way
  • Highly numerate with strong data analysis skills to analyze, report and present meaningful data to stakeholders and colleagues at all levels
  • Exceptional interpersonal skills to successfully communicate with stakeholders by phone, in documentation, via email, and in meetings and workshops.
  • Strong communication and stakeholder engagement skills with the ability to influence and adapt approach as required at all levels

Company offers real challenges, a lot of work, an above average compensation and benefits package, good career development possibilities in an international environment, they can offer fun and fully contribute to the success of young, dynamic and competent team members.

Other notes
For more related job opportunities visit
This position is archived.
This position is archived.