Cyber Risk & Compliance Analyst

Reporting into our Director of Cyber Risk Compliance, youll contribute to the security and compliance of our platforms and applications. The role contributes to our policy, processes, frameworks, compliance obligations and business resilience work. Some of the responsibilities youll have are:

• Contribution to, and maintenance of, our security policies, standards, controls and processes that protect the confidentiality, integrity and availability of information.
• Implementation of controls that map to compliance frameworks such as NIST, PCI DSS, SOC2, SOX, GDPR and ISO 27001.
• Empower our people to be security assets - our first line of defense against the threats to our information security
• Mitigate the business loss arising from security issues by understanding security risk, monitoring control effectiveness and reporting
• Measurement of Key Risk Indicators aligned to our security controls
• Contribute to the global security strategy, security standards, enterprise security architecture, roadmap of security initiatives in alignment with group strategy, business unit strategies and business plans
• Participate in the deployment of security initiatives across the Group
• Supporting security management with trusted advice and guidance on security aspects across process, service and technology design
• Contributing to overall security administration, security risk management and resilience oversight
• Facilitate collaboration with technical functions and manage relationships with external auditors
• Aid in the development and maintenance of on-going security awareness programs

Essential Responsibilities:

• Contribution to, and maintenance of, our security policies, standards, controls and processes that protect the confidentiality, integrity and availability of information.
• Implementation of controls that map to compliance frameworks such as NIST, PCI DSS, SOC2, ISO 27001, SOX and GDPR.
• Empower our people to be security assets - our first line of defence against the threats to our information security
• Mitigate the business loss arising from security issues by understanding security risk, monitoring control effectiveness and reporting
• Measurement of Key Risk Indicators aligned to our security controls
• Building visual dashboards to convey security risk information
• Contribute to the global security strategy, security standards, enterprise security architecture, roadmap of security initiatives in alignment with group strategy, business unit strategies and business plans
• Participate in the deployment of security initiatives across the Group
• Supporting regional security management with trusted advice and guidance on security aspects across process, service and technology design
• Contributing to overall security administration, security risk management and resilience oversight