Senior Information Security Risk Analyst
To face the ever evolving threats we are evolving and expanding the Group Security & Business Resilience Division.
As a global critical financial infrastructure, the protection of the client's information and assets is fundamental to the company’s business. Security is at the core of our services, firmly embedded in the management systems and processes of the company. You will be joining our Group Security & Business Resilience (GSBR) in charge of putting in place the required controls to adequately and effectively protect our information assets.
The recent spate of cyber-attacks on some of the world’s largest organisations has highlighted the requirement for a strong information and security function. Security threats are a Board-level agenda item as they have the capacity to disrupt the entire European post-trade process.
The objective of Business Continuity & Resilience Management is to reduce business interruptions, ensure the continuity of business, minimize financial impacts, create resilience strategies to reduce the impact of a threat and the development of plans to respond and recover from threats that cannot be controlled or mitigated.
The team collaborates across the organisation, with IT and business teams and functions such as HR, Risk Management and Compliance.
Within the Group Business Continuity team & Crisis Management team, you will:
Contribute to define the strategy and support the implementation of one of the Security projects aiming at reducing third parties (providers, business partners, clients) security risks across the group.
This project covers the end-to-end third party’s security risk management process and will be progressed in close collaboration with Supply Chain and other teams.
This process will be based on the following key elements:
A risk profiling of suppliers / third parties (new and existing);
A security risk assessment tailored to the risk profile
Management of the “residual” risks in line with the risk management framework
Contractual requirements and termination
Alongside to this project the contractor will be an information security advisor to the business on different topics, including current vendor’s assessments.
The contractor will join a small team of security analysts who already started the project a few months ago using Agile way of working.
Education: Degree in IT or Business
Strong experience of Information Security (including certifications) and of third parties security management
You are able to set the direction of a project and like working with different people and have strong oral and written communication skills.
You are accurate, timely and able to organise yourself independently. You have strong attention to details.
You like to work in team, to coordinate and you can adapt your approach depending on your counterpart