Cyber Security Operations Analyst – Vulnerability, Risk & Compliance

Job Description: Role: Info Sec Analyst

Duration: 6-8 Months

Hybrid- 2 days in office 9am-5pm

MUST HAVE:

• Clear understanding of the Three Lines of Defence model and its application within risk and control frameworks
  
• ServiceNow Vulnerability Response / Configuration Compliance Operations experience
  
• Experience building simple queries in ServiceNow and Splunk
  
• Must have effective communication skills, both verbally and written.
  
• Compliance operations or vulnerability management experience
  
• Cyber security/Information security experience
  
• Risk management experience
  

Years of experience: 3 to 4 years of Technology Risk, Cyber Security or similar working experience % Interaction with Stakeholders: Vast majority of the time Team Size: Medium scale team

Project: Business as usual, no project work to begin with How will performance be measured: Deliverables and deadlines being met, etc

SUMMARY OF DAY-TO-DAY RESPONSIBILITIES:

Specific to the role:

• Monitoring and triage reports and dashboards identifying security non-compliant assets.
  
• Create and follow runbooks to notify, track and escalate non-compliant issues.
  
• Partner with technology teams to identify solutions, track progress, escalate roadblocks and produce summary reporting on non-compliance remediation.
  
• Provide leadership for the provision of technical expertise in development and support of activities, processes, procedures, and tools for protecting information security with a focus on application security.
  
• Research, design and implement application security solutions and practices.
  
• Direct testing of security plans. Lead the evaluation of new and proposed security systems and technologies.
  

NICE TO HAVE

• Experience creating dashboard in ServiceNow
  
• Jira experience
  
• PowerBI experience
  
• Crowdstrike experience
  
• IT Audit / Technology Risk assessment experience