Governance Risk and Control Analyst / Tester
IT Security / Cyber Security
Work from home / London
6 months initially
£586.50 pd all-in figure PAYE
As a trusted and established IT recruitment partner to this international bank, we have been asked to assist in the hire of a Governance Risk and Control Analyst / Tester.
This role sits within IT Risk, Security & Control and covers cyber security strategy maintenance and tactical planning and operations to provide IT Security protection, governance, risk management and reporting.
Main Purpose of the Role:
To conduct controls testing of cybersecurity controls against industry security frameworks (e.g., SOX, ISO27001, NIST Cybersecurity Improvement framework, FFIEC):
Interviewing business and technology stakeholders responsible for controls (technical and non-technical)
Developing risk and controls matrices
Assessing control design
Developing a testing strategy for testing operating effectiveness of controls
Identifying and reviewing the relevant evidence required to demonstrate the operating effectiveness
Arriving at informed conclusions regarding gaps in control operating effectiveness
Documentation of risks, gaps, findings and recommended actions
Preparing accurate reports and using tools such as PowerPoint, Word, Excel, SharePoint, Open Pages
Experience of working as an IT auditor, security auditor or governance, risk and compliance analyst
Good understanding of cybersecurity/IT control frameworks including but not limited to frameworks from SOX, FFIEC, ISO27001, NIST, Cloud Security Alliance, and PCI-DSS
Proven understanding of current best practice approach to security assurance and the application of security frameworks
Experience in project management
Experience of security risk management
Broad knowledge of computer, networking and IT security systems including operating systems, databases, firewalls, SIEM, DLP, etc.
This role may suit individuals who have held the following roles: IT Security Analyst, IT Security Auditor, IT Security Consultant.
£586.50 pd all-in figure PAYE (This is the figure we would pay your nominated umbrella. It includes holiday accrual. All statutory taxes would come out of this figure).
Deerfoot IT is one of the UK's most established, independent IT recruitment specialists. We are keen to foster strong relationships with IT consultants based on providing a transparent and supportive service. Now in our 24th year we pay promptly and are a stable contracting partner in good financial health. Deerfoot IT: Est. 1997. REC member. ISO certified. *Each time we send a CV to a recruiting client we donate £1 to The Born Free Foundation (charity no. ). We never send your CV without your email authorisation.