Listing Description
The key objectives for the role of Cybersecurity GRC Analyst:
- Run operational cybersecurity controls owned by the DPO team
- Provide support to the company’s ISO 27001 cybersecurity program
- Enable the DPO team and other business units to meet internal and external cybersecurity requirements
- Enable continual improvement of cybersecurity across the business.
What you’ll do:
- Be the administrator and operator of our cybersecurity GRC platform (LogicManager)
- Conduct vendor cybersecurity assessments, coordinating information gathering from internal and external stakeholders
- Manage cybersecurity policy attestations for new joiners
- Support annual cybersecurity risk assessments
- Review policies and processes to ensure compliance with ISO 27001 and other best practice standards (e.g. NIST, ISO 27002, CIS CSC)
- Review service performance reports, identifying any significant issues and variances, initiating corrective actions where necessary, and ensuring that all outstanding issues are followed up
- Assist in efforts to handle security incidents or investigations
- Support the creation of responsive documentation to customer cybersecurity inquiries
- Provide ongoing optimization and problem-solving support
- Identify gaps or potential enhancements in existing operational practices
- Take ownership of, and deliver from end to end, the work packages and projects allocated to you
- Keep your Line Manager and peers well informed of your activities, workload and availability.
Qualifications:
- Have a bachelor's degree in cybersecurity or other relevant qualifications (e.g. CISMP, ISO 27001 Lead Implementer, CISSP Associate, CISA, CISM)
- An understanding of key cybersecurity domains, including but not limited to: asset management, security governance, security risk management, vulnerability management, SSDLC, data loss prevention, access control, protective technologies, security monitoring, incident response and disaster recovery
- Possession of excellent oral and written communication skills
- Experience in presenting technical topics to audiences with various technical backgrounds
- Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy
- Knowledge of cyber threats, vulnerabilities and their potential impact
- Knowledge of information technology (IT) architectural concepts and frameworks
- Knowledge of risk management frameworks
- Problem-solving skills
- Experience of project management (including stakeholder management)
- Willingness to learn
- Proactive, diligent work ethic.
Minitab requires employees to be fully vaccinated for COVID-19 according to applicable law.
Listing Details
- Citizenship: Not Provided
- Incentives: Not Provided
- Education: Not Provided
- Travel: Not Provided
- Telework: Not Provided