Listing Description

The key objectives for the role of Cybersecurity GRC Analyst:

• Run operational cybersecurity controls owned by the DPO team


• Provide support to the company’s ISO 27001 cybersecurity program


• Enable the DPO team and other business units to meet internal and external cybersecurity requirements


• Enable continual improvement of cybersecurity across the business.

What you’ll do: 

• Be the administrator and operator of our cybersecurity GRC platform (LogicManager)


• Conduct vendor cybersecurity assessments; coordinating information gathering from internal and external stakeholders


• Manage cybersecurity policy attestations for new joiners


• Support annual cybersecurity risk assessments


• Review policies and processes to ensure compliance with ISO 27001 and other best practice standards (e.g. NIST, ISO 27002, CIS CSC etc.)


• Review service performance reports identifying any significant issues and variances, initiating, where necessary, corrective actions and ensuring that all outstanding issues are followed-up


• Assist in efforts to handle security incidents or investigations


• Support the creation of responsive documentation to customer cybersecurity inquiries 


• Provide ongoing optimization and problem-solving support


• Identify gaps or potential enhancements in existing operational practices 


• Take ownership and deliver, from end to end, work packages and project allocated to you


• Keep your Line Manager and peers well informed of your activities, workload and availability. 

Qualifications: 

• Have a bachelor degree in cybersecurity or other relevant qualifications (e.g. CISMP, ISO 27001 Lead Implementer, CISSP Associate, CISA, CISM etc.)


• An understanding of key cybersecurity domains including but not limited to; asset management, security governance, security risk management, vulnerability management, SSDLC, data loss prevention, access control, protective technologies, security monitoring, incident response and disaster recovery


• Possession of excellent oral and written communication skills


• Experience in presenting technical topics to audiences with various technical backgrounds


• Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy


• Knowledge of cyber threats, vulnerabilities and their potential impact


• Knowledge of information technology (IT) architectural concepts and frameworks


• Knowledge of risk management frameworks


• Problem solving skills


• Experience of project management (including stakeholder management)


• Willingness to learn


• Proactive, diligent work ethic.

Minitab requires employees to be fully vaccinated for COVID-19 according to applicable law.