Information Security & Compliance Analyst (Lexington)

Compensation: $106,520.00 - $158,550.00 /year *

Employment Type: Full-Time

Industry: Information Technology








Summary

Your role will be to support and coordinate the improvement of our security controls and visibility within the group organisation structure, based around the ISO/IEC 27001:2013 standard, GDPR, and other required standards/regulations. You will monitor security compliance reporting and support group information security and compliance communications. Further responsibilities include supporting the management of the internal and external audit schedule, remediation activities and effectiveness measurements. Although not a strictly technical role, technical IT knowledge will be advantageous as you will interact regularly with IT infrastructure and development teams.

The right person for this role will be proactive and resilient in the face of shifting priorities, with a keen eye for detail and the ability to prioritise and complete tasks in an effective and timely manner. They will need strong stakeholder engagement skills to ensure completion of tasks where ownership is outside of the security team. Experience of carrying out compliance audits to defined standards would be of benefit when applying for this role.

Key Responsibilities

To assist the Group Information Security Manager in managing day-to-day, business-as-usual Information Security and Compliance activities. Activities include:

Help monitor and improve security controls within Creditsafe
Support in the management of the internal policy portal
Perform regular security and compliance activities including security reviews and internal audit
Support the Security and Compliance standardisation program
Support in the monitoring of the Creditsafe GDPR compliance and audit program
Coordinate the regular internal and external audit activities including organising participants and managing resulting actions
Assist with the internal Security communications program
Other duties as defined by the information security manager or Group Head of Information Security and Compliance
Compile and manage group-wide security and compliance metrics reporting

Key Skills:

Essential:
Prior experience in an information security or regulatory role
Knowledge of Security and compliance frameworks such as ISO27001, Cyber Essentials etc.
Knowledge of GDPR
Clear and concise communicator
Policy creation and lifecycle management
Ability to collaborate with multidisciplinary teams
Strong organisational skills
Strong Microsoft Excel, Word, PowerPoint skills
Flexibility to travel (c. 25%)

Desirable:
Knowledge of SOC 2 and CSA Star audit management
Degree or higher education within a technical or business-oriented subject or relevant commercial experience
Experience of carrying out compliance audits


Associated topics: cybersecurity, iam, idm, information assurance, information security, security, security engineer, security officer, violation, vulnerability

* The salary listed in the header is an estimate based on salary data for similar jobs in the same area. Salary or compensation data found in the job description is accurate.
