GRC Analyst, Manchester
Manchester, North West England 1+ months ago
Job Description
An exciting opportunity has arisen to join the growing ICT Department and become a member of the InfoSec team working in a dynamic and fast-paced environment with new challenges every day. Based in our Clients Manchester Head Office. It is an exciting time to join the business as they rationalise their current infrastructure and embark on their journey to Cloud based services. You will work collaboratively with the business and wider IT team (Infrastructure, Network, Development, DevOps, and Service Desk) to provide governance and security for existing and new services.
A broad technical knowledge is required, alongside ITIL experience in Incident, Request, Change, Problem, Release, Event and Knowledge management. You will be forward thinking, customer focussed and self-motivated with the drive to improve all IT services and the user experience.
Must aspire to a culture of service excellence, always putting the customer, our people, and our business at the centre of everything you do.
Demonstrate strong organisational skills and be accountable for your daily workload
Demonstrate a systematic, disciplined, and analytical approach
Be customer focussed and ardent in ensuring that colleagues receive a high quality of service
The Governance, Risk, and Compliance Analyst is responsible for the assessing and documenting of the Company's compliance and risk posture as they relate to its information assets. The purpose of this position is to provide highly skilled technical and information security expertise for development and implementation of the information security risk management program. Responsibilities require leadership and project management experience, as well as expertise to ensure effective system-wide security analysis; intrusion detection; standards and testing; risk assessment; awareness and education; and development of policies, standards, and guidelines
Experience:
Strong understanding of ISO27001 and Cyber Essentials
Experience with NIST or PCI-DSS is desirable
Experience with ISO9001 is desirable
Great understanding of risk, both internally and externally
Previous audit experience
Understanding of GDPR, data protection and information governance
Knowledge of information security risk management frameworks and compliance practices
Knowledge of securing network technologies, client, and server operating systems
Ability to develop security standards and guidelines based on best practices and industry standards
Experience responding to, analysing, and communicating information security incidents
P46451NB
INDMANS