Information Security and Governance Analyst
- Role Type
Any Ricardo office globally
- Closing Date
Ricardo is seeking an experienced Information Security and Governance Analyst to manage the Information Security Management System (ISMS). This role will require travel to other Ricardo offices and flexibility of working hours in order to support our Global Business.
Management of the ISMS.
Provide security subject matter expertise on projects and act as an advisor on information risk management issues.
Internal Information Security audits, producing reports with recommendations for remediation and improvement.
Support in the execution of the general data privacy assessment processes (including third-party assessments), internal control reviews, and risk assessments to monitor compliance with information security policies and standards.
Client compliance questionnaires relating to information security.
Asset and risk management.
Identify and implement continuous improvement activities for risk management processes across the wider Information Security function.
Maintaining staff information security awareness.
ISO/IEC 27001:2013 Lead implementer / auditor certification desirable.
Working knowledge of Information Security best practices ISO/IEC 27001:2013, TISAX, Cyber Essentials and NIST CSF.
Knowledge of current information security legislative / regulatory requirements such as GDPR.
Demonstrable experience assessing security in cloud environments such as AWS and Azure.
Skilled in developing and implementing clear policies, procedures and controls for Information Security.