IT Audit & Assurance - Information Security - (NESA, CISM, CISA)
Posted on Mar 18, 2020 by Salt
IT Audit & Assurance | IT Risk | Information Security | Compliance | SWIFT CSCF | NESA | CISA | CISM | CRISC | PCIP - Brussels
Rate: €600 - €800 per day
Duration: 7 month contract
Control Assurance Analyst
To face ever-evolving threats, my client is expanding their Group Security & Business Resilience Division.
As a global critical financial infrastructure, the protection of my client's information and assets is fundamental to the company's business.
Security is at the core of their services, firmly embedded in the management systems and processes of the company.
You will be joining our Group Security & Business Resilience (GSBR) team in charge of putting in place the required controls to adequately and effectively protect our information assets.
The recent spate of cyber-attacks on some of the world's largest organisations has highlighted the requirement for a strong information and security function.
Security threats to my client are a Board-level agenda item as they have the capacity to disrupt
Role:
As a Control Assurance Analyst, you will join the Security Assurance & Testing team, within which you will:
- Perform security assurance on existing and new security controls
- Evaluate compliance with different frameworks (SWIFT CSCF, FFIEC, NIS Directive, etc.)
- Consider the impact of detected deviations using a risk-based approach
- Follow up on new security-related regulatory frameworks
- Discuss with stakeholders (security experts, project managers, internal audit, etc.) the outcome of the assurance process
- Proactively work with stakeholders on control expectations and evidencing
Skills:
- An IT, Science, Civil engineering or Commercial engineering related degree (Bachelor, Master, PhD)
- Security certifications such as CISSP, CISA, CISM, CGEIT, or CRISC are an asset
- At least 3 years in IT within a large or complex organisation, of which 2 years in an information security position
- A first experience with the implementation or assessment of a security framework (e.g. ISO 27000)
- A good general knowledge of information security (identity & access management, systems security, network security, vulnerability management, incident management, application security, business continuity, asset classification, etc.)
- Independent and self-organising
- At ease in a fast-changing environment
- Accurate, acting with attention to detail
- Flexible and pragmatic
- A good team player
- Fluent in English (both written and spoken)