Naukrijobs UK

Information Security Due Diligence Analyst

Job Location: Liverpool
Education: Not Mentioned
Salary: Competitive salary
Industry: Not Mentioned
Functional Area: Not Mentioned
Job Type: Permanent, full-time

Job Description

Evelyn Partners is the UK's leading integrated wealth management and professional services group, with over 186 years of experience in helping generations of people and businesses to thrive. We offer an extensive range of financial and professional services to individuals, family trusts, professional intermediaries, charities and businesses.

We provide an award-winning service for our clients by employing the best people. Join us on our mission to place the power of good advice into more hands because we believe that everyone deserves access to good advice, regardless of where they're at in their financial journey.

An exceptional track record of growth and innovation is driven by our core values of: Personal, offering advice based on a true understanding of what matters to our clients; Partnership, working with our clients in a joined-up, collaborative way; and Performance, demonstrating a breadth and depth of advice expertise to deliver first-class results.

Read more about us and available career opportunities here: Wealth, accountancy and business advisory services | Evelyn Partners and Careers | Evelyn Partners

Job Description

Evelyn Partners is looking for an experienced information security risk professional with expertise in risk assessments, risk treatment advisory, third party assessments, security compliance, security assurance and working on other governance, risk and compliance projects within our team. The candidate must be proactive, have a thorough understanding of and an ability to perform as a productive member of an Information Security team.

The Information Security Third Party Due Diligence Analyst will verify that third parties meet the minimum security requirements to protect our organisation from a supply chain related attack or incident, apply relevant risk mitigations, dealing with multiple stakeholders to ensure end-to-end treatment is applied.

They will also be part of our governance processes through the business and frequently deliver updates to senior management in meetings and information security forums.

This role works within the information security team and collaborates with other teams such as Privacy, Legal, SecOps and Procurement, providing great opportunities for stakeholder engagement.

Key Responsibilities

  • Perform internal information security risk assessments and recommend mitigation actions to be implemented in solutions.
  • Perform vendor risk assessments and due diligence on third parties and recommend mitigation actions to be implemented by third parties.
  • Assess third party adherence to the minimum security standards and record/track deviations or concessions.
  • Operate a risk-based assurance approach to ensure key third parties continue to comply with the defined security requirements.
  • Generate MI and reporting on third-party assessments and maintain risk profile of third parties.
  • Maintain risk registers and manage escalations, re-assessments, risk acceptance and risk exceptions.
  • Reviewing information security controls on an ongoing basis against the changing risk landscape to evaluate changes in residual risk and assess the sufficiency of the corresponding compensating control(s) or the need for new controls
  • Reviewing and dispositioning information security risk exception requests in accordance with the information security policy, and ensuring time-limited risk exceptions are reviewed prior to their expiry
  • Identify best practices and derive organisation-wide technical standards, processes and policies and advise stakeholders regarding security for all organisational activities.
  • Reviewing audit requests from clients and regulators.
  • In conjunction with the Information Security Risk Manager, develop and implement information security policies, standards and documentation ensuring compliance with all applicable legal or regulatory legislation.
  • To drive continuous improvement and to contribute to cybersecurity community collaboration internally and externally.
  • Serve as the point of contact for security topics and help guide the technology teams and business stakeholders.
  • Engage with organisation-wide security allies and drive organisational security initiatives and a risk-aware mindset.
  • Remain current on industry standards for security in a technology environment.
Key Skills and Experience
  • Experience in Information Security.
  • Experience of dealing specifically with governance, risk and compliance areas.
  • Experience reviewing assessments and SOC Type II reports for completeness and have worked with suppliers to address issues/concerns.
  • Experience managing audit returns from clients and regulators.
  • Supported legal and procurement teams with complex contract reviews and negotiations.
  • Prior experience writing Information Security related Policies, Processes and Procedures.
  • Experience managing internal and third-party vendor risk assessments and writing risk assessment reports.
  • A record of accomplishment of effectively analysing security controls, while understanding the risk of certain controls not being in place.
  • The ability to effectively communicate security risks and impact to various business (often non-technical) stakeholders.
  • The ability to work proactively and collaboratively in a fast-paced working environment, balancing multiple concurrent activities and initiatives.
  • The ability to prioritise own workload and decision making when dealing with multiple stakeholders.
  • Experience in using good practice standards such as ISO 27001 (Implementation, Compliance, Certification, and audit reviews), Cyber Essentials and NIST
  • Experience of undertaking information security in both a waterfall and an agile context.
Qualifications
Professional Qualifications and Education
  • Degree or equivalent in Information Technology or Risk Management is preferred.
  • Certification in Information Security domains is preferred
  • Certification in cloud architectures is advantageous, especially Microsoft Azure.
Additional information
As a colleague here at Evelyn Partners, you will have access to benefits that include:
  • Competitive salary
  • Private medical insurance
  • Life assurance
  • Pension contribution
  • Hybrid working model (role dependent)
  • Generous holiday package
  • Option to purchase additional holiday
  • Shared parental leave
We are proud to value the differences that a diverse workforce brings, representative of society and our clients. At Evelyn Partners we have a wide range of highly active employee re

© 2019 Naukrijobs All Rights Reserved