IS COB & Controls Sr. Analyst Job Details
Vacancy has expired
Show me jobs like this one| Employer: | Citi Group | Job Ref No: | 11046662 | Job Title: | IS COB & Controls Sr. Analyst | Sector: | Other | Sub Sector: | Other | Risk Type: | Other | Expertise: | Risk Manager | The ISO function serves to support the Business in implementing the Corporate Information Security Program. This role supports the UK Consumer business, acting as a subject matter expert and consultant in Information Security. There is a requirement to travel within the UK to other business locations and third parties. Focuses on key BISO activities •Acts as a subject matter expert and authority on Information Security across the UK Retail business •Ensures regular communication with all business areas and executive level management and GISO office •Performs risk assessments (ISRA/CRA), identifying risks to the business •Executes and signs off Risk Acceptances (RAs) or Corrective Action Plans (CAPS) or Residual Risk Form (RRF) •Leads Third Party IS Assessments (TPISAs), consulting with third parties and project teams, performing risk assessments and site visits and recommending corrective action plans to minimise risk •Input in the business project process, specifying information security requirements and be a sign off authority •Participates in audits across the whole business where they impact on information security •Delivers IS training awareness to all levels of the business and design targeted awareness where necessary for specific business areas where there is an identified high level of IS risk •Performs secure workplace reviews, identifying risks, consulting with management on corrective actions and increasing awareness •Identifies, risk assesses and reports on security incidents and monitors remediation, acting as a point of escalation and reporting to the business head •Coordinates Vulnerability Assessments •Consults with the business to ensure all confidential data is handled securely •Designs information security procedures specific to the business area and consults with the business to assist in the development and improvement of business processes in line with policies and stds Acts as a business partner: •Educates, advises and influences the business on safe IS practices and current, changing, and/or recommended IS requirements •Coordinates IS activities with business plans •Articulates the value of IS controls and its bottom line impact in order to influence more secure practices •Seeks opportunities to enhance the efficiency of policies and processes •Assists in the IS education of new employees •Partners with business coordinators in other disciplines (e.g., RCSA, COB, Records Management, Fraud Management, Compliance, Operation Risk etc.) Minimizes risk to the business. •Identifies significant IS threats and vulnerabilities and ensures corrective action plans •Defines and designs the appropriate controls for IS threats and documents business response •Addresses instances of non-compliance in business units, applications, documents and processes and consults with the business to design appropriate remediation•Experience with interpretation, creation, and application of policies, standards and level 3 procedures •Detailed knowledge of corporate policies for information security and related topics is an asset but can be learned •Experience with two or more IS program element areas, including: risk assessment, training and awareness, third party assessment, identity and entitlement management, secure workplace, and incident management •Experience in the risk / control environment •Understanding of the IS risks that are inherent to a business •Experience with internal audits a plus •Knowledge of business, regulatory and compliance requirements •Strong risk analysis and problem solving skills •Working knowledge of the technology aspects of security •Project management skills advantageous •Proficient verbal and written English language skills Qualifications: •Ideally educated to degree level •Industry certification is an advantage (ie; CISSP, CISM etc.) Competencies: •Strong communication and presentation skills •Ability to work well with others at all levels of the business and across different geographical locations •Commercially astute with highly developed business and technical consultancy skills including the management of inter-organisation relationships and services. •Demonstrable experience of building and sustaining productive business focussed relationships. •Able to demonstrate a track record of success in previous roles •Strong communication and presentation skills •Ability to work well with others at all levels of the business and across different geographical locations •Commercially astute with highly developed business and technical consultancy skills including the management of inter-organisation relationships and services Exceptional candidates who do not meet these criteria may be considered for the role provided they have the necessary skills and experience.
Demonstrates an appreciation of a diverse workforce. Appreciates differences in style or perspective and uses differences to add value to decisions or actions and organizational success.
| Employment Type: | Full Time | Region/Country: | Europe, UK | City: | London | Address: | Post Date: | 02/10/2012 |
Action
Featured jobs |
|
Featured employers |
