Information Security Analyst

• The TDI CSO Embedded Risk Team (ERT) is a global team whose footprint extends to the US, UK, India, and Europe. There are currently 15 members spread across these locations. The ERT is split into three main groups 1) internal and statutory Audit Coordination, 2) Finding Management Governance and 3) Information Security Risk Management.
• All of them perform the same function with the only difference being that statutory Audit Coordination is an external facing function (External Auditors) while all others face off to Internal Audit, other TDI ERT teams, Divisional CISOs and Divisional ISOs, ITAOs across the bank, 2nd Line Risk Type Controller, Group COO Central Approval Function and others.
• The teams main objective is to support, manage and monitor all aspects of Risk and Control impacting the TDI CSO division and the main responsibility is to ensure TDI CSO is fully compliant with the Finding Management procedure and all relevant 2nd line minimum control standards in relation to Information Security Risk and Physical Security Risk.

Your key responsibilities

• Information Security is responsible for preventing IT-based crime, hacking, intentional or inadvertent modification, disclosure, or destruction to the organization's information systems and IT assets and intellectual property. The focus of the role is to ensure highly professional and productive procedures, policies and processes are in place, and aligned and agreed with relevant stakeholders.
• In the role as Information Security Analyst within TDI CSO ERT the main responsibility is to create for different stakeholders weekly, monthly, quarterly or ad hoc risk reports to show progress within the CSO and Information Security risk portfolio to drive Information Security Strategy and secondly run governance on all Findings across the CSO Organization.

The main responsibilities are:

• Prepare, create, and present regular CSO internal reports and status updates to Senior Management, and key working groups
• Provide support on delivering new reporting requests on an ad hoc basis in a timely manner
• Improve the CSO ERT reporting landscape and drive reporting automation based on requirements
• Engage with CSO stakeholders for reporting and tracking purposes
• Support with further reporting the Finding Management governance
• For all CSO findings ensure proper governance is in place so that no finding will report overdue
• Closely work with all CSO divisions together to ensure each Finding life cycle is well prepared in advance to submission

Your skills and experience

• Educated Bachelor's degree level or equivalent qualification / work experience in auditing and enterprise risk management especially Information Security Risk Management (Risk Management for 1-3 years and or available Information Security certificates CISM/CISA)
• Excellent knowledge of MS Office standard applications including VBA and data visualization tools
• Development skills in VBA, MS SQL, Phyton and Share Point Online
• Ability to monitor, track and clearly communicate progress, escalating issues when appropriate
• First project management experiences
• Work in global teams across different time zones and within a matrix environment
• Practical experiences in Change Management to enable changes resulting from the program to be firmly embedded in the organization
• have some knowledge of relevant management and business change techniques such as business process modeling and re-engineering
• Fluent in English (written/verbal)