Are accountable for GBG’s Information Security, Security Architecture, Security Compliance, Security Awareness, Security Operations and Information Security Risk Management.
Information Security Analyst is responsible for the support of GBG’s group wide ISMS
What you will doSupport the delivery of the GBG Cyber Strategy, Services, Capabilities and Group CISO across GBGAssist the implementation of GBG Information Security services as part of the CISO functionWork as directed by the Information Security Management Team to influence and support the positive management of GBG security risks and remediation activitiesWork as part of the GBG Information Security team across a number of security improvement work streams, which support various business units and geographic regionsCoordinate and manage third party supplier security review process, schedule and risk management/mitigation activities.Support the development of security audits, processes and procedures, and supports service-level agreements (SLAs) to ensure that security services are managed and maintainedWork with information security leadership & IT teams to develop plans to enforce security requirements and address identified risksManages relationship with GBG auditors
To help you be successful, we’re looking for
Strong ICT skills including familiarity with Microsoft Office365 product suiteExcellent communication skills in English (proficiency in Mandarin an added advantage) and the ability to interact with wider audience stakeholders across the globeOpen and honest communication, and ability to support team members within the Information Security teamStrong organisational skills and good attention to detailAbility to prioritise work tasks in order to achieve objectives, hit milestones and complete project work within expectationsContemporary understanding of supplier review processes, and proven experience, and ability to successfully deliver results in accordance with industry standards and within specific deadlinesA working knowledge of the latest information technology security trends and emerging threatsExperience of performing risk assessments, business impact analyses, and internal information security auditsExperience of common information security management frameworks and standards, such as ISO27001/2, ITIL, COBIT, PCI-DSS and National Institute of Standards and Technology (NIST)Familiarity with relevant legislation including DPA and GDPRStrong analytical skills to analyse security requirements and relate them to appropriate security controlsExposure to group-wide standards and policies relating to ISO27001/2 controlsExposure to handling exceptions to policyExposure to risk assessments of products and servicesExposure to treatment plans for risks and management of risk modelsExperience to External & Internal RFP’sExposure to audits from external sources, i.e. client requests, official bodies such as BSI, regulatorsBehaviours:A willingness to learn and develop with a security focus, with the ability to manage expectations appropriately, building long-term relationships
This role may require travel and working from multiple sites / locations. Willingness to travel to participate in meetings, workshops, and other related activities is required for the successful delivery of this role.
Type : Company job
Role : Senior Executive
Industry : Computer/Information Technology (Software)
Salary : Not Disclosed
GBG is a global specialist in Identity Data Intelligence. We help organisations make decisions aboutthe customers they serve and the people they employ.
Through our fundamental belief that the digital economy relies on everyone having access to data they can trust, GBG enables companies and governments to fight fraud and cybercrime, to improve the customer experience and help to protect the more vulnerable people in our society.
Headquartered in Chester (UK) and operating on 21 locations in 13 countries, GBG provides solutions to many of the world's biggest organisations, from established brands like Nike and Harrods to disruptive newcomers such asTaskRabbitand Stripe.
Find out more about how we use identity intelligently by visitingwww.gbgplc.com, following us on Twitter@gbgplcand reading our blog:www.gbgplc.com/uk/blog