Security Assurance Analyst | London
The Security Assurance Analyst will work in the Security Assurance (SA) function which is responsible for providing the Board with independent, evidence-based information about security in order to help the Board oversee and monitor the security of the firm.
Reporting to a Security Assurance Technical Specialist, this role will be responsible for:
* Supporting assessments of whether processes and solutions designed and implemented by governance, product, engineering and operational teams meet the security outcomes defined by the Board.
* Assisting with writing reports for the Board.
* Building good working relationships with teams across the business, whilst still maintaining the independence required of an assurance team.
* Helping to document, communicate and continuously improve security assurance processes.
* Building and maintaining a broad understanding of the company's technologies, processes, organisation and information flows, and the security threats and vulnerabilities to them.
Who are we looking for?
The SA team combines strong security, analytical and technical skills with appropriate assurance and audit techniques in order to provide the Board with valuable, evidence-based expert analysis. This role focuses on helping bring assurance and audit experience to the team and apply it in flexible ways that suit a fast-paced, entrepreneurial organisation.
You will have:
* 2:1 or above from a Russell Group University (Or Royal Holloway)
* 2 - 3 years' experience conducting IT and/or information security audits.
* Knowledge of information security frameworks such as ISO 27000 and NIST.
* A desire to understand and help drive actual security risk reduction.
* Experience working with information security, technical infrastructure and/or software development teams.
* Capability to build and maintain an understanding of a complex and rapidly changing business.
* Ability to think out of the box and identify suitable approaches without being constrained by standard ways of working.
* Excellent written and verbal communication skills.
* Enthusiasm and drive for learning and developing new skills and knowledge.
* Familiarity with the three lines of defence operating model.
* Familiarity with internal audit standards.