Senior Security Analyst supporting Certification and Assurance at Mastercard. Managing certifications and conducting control testing against various security standards and frameworks.
Responsibilities
Support the preparation for annual certification audits.
Support the assessment and validation of controls and processes against a variety of security standards and obligations.
Assist in managing certifications (e.g., ISO27001, PCI DSS) and assurance activities (e.g., ISAE3000).
Evaluate compliance with internal policies, standards, regulatory requirements, and customer obligations.
Prepare clear and accurate control testing documentation, including test procedures, results, and supporting evidence.
Support periodic testing of controls in line with a Control Testing Methodology.
Collect control testing evidence from relevant Control Owners in a timely manner to support scheduled testing activities.
Identify and document control deficiencies, ensuring timely escalation to the Manager and supporting remediation follow-up activities.
Support the team Director in delivering the Certification and Assurance plan.
Maintain close working relationships with Control and Process Owners and Operators to operate certificate maintenance and assurance activities efficiently and effectively.
Work closely with 1st Line teams to obtain evidence, clarify processes, and ensure accurate testing outcomes.
Liaise with 2nd Line Security partners and Internal Audit as directed, ensuring transparency and alignment with control testing activities.
Contribute to the preparation of management information, dashboards, and thematic analysis for governance forums.
Support control owners by providing observations on control effectiveness and contributing to discussions on remediation approaches.
Support the development of certification management, assurance activities and control testing processes, standards, tools, and methodologies.
Adhere to established control testing standards, procedures, and documentation requirements.
Provide input on opportunities to streamline testing activities, improve efficiency, and enhance the consistency of outcomes.
Contribute to the maturity of the 3 Lines of Defence model and promote a culture of proactive risk management.
Stay informed on emerging risks, regulatory changes, certification changes and industry best practices with a focus on cybersecurity risks.
Requirements
Experience of conducting security related audits/reviews
Knowledge and experience of all areas of security
Experience in control testing or assurance within security in a regulated environment
Experience operating good practice security audit management and assurance processes
Good investigative and analytical experience (e.g. enquiry, scanning, analysis, interviewing, testing), problem-solving, and decision-making skills
Experience of working with control frameworks and standards (e.g. ISO27001, NIST, CRI, or PCI-DSS).
Ability to assess control design and operating effectiveness in complex environments and to identify control gaps and improvement opportunities
Good communication and stakeholder engagement skills.
Professional certifications such as CISA, CISM, CISSP, PCI SSC ISA, CRISC, or equivalent are desirable.
Bachelor’s degree in Computer Science, Cyber Security, Information Technology, or a related field.
Good knowledge of security controls and IT general controls across a variety of platforms and environments.
Knowledge of security related control frameworks and standards.
Proficiency in Microsoft Office Suite (MS Word, MS Excel, MS Access and MS PowerPoint)
Senior Consultant focused on ISMS, BCM, and cybersecurity compliance at VICCON GmbH. Leading projects and collaborating with clients to enhance their information security and resilience.
GSS Officer at Itad supporting safety, security, and travel policies. Overseeing risk management and collaborating with project teams for operational support.
Install and manage fall protection systems at height, ensuring compliance with safety standards. Leadership required in overseeing teams and project delivery at construction sites.
Security Design Lead in Rabobank's cybersecurity team, designing secure technology solutions for food & agribusiness banking. Collaborating across teams to ensure robust security implementations.
Identity Security Posture Management Specialist enhancing identity security posture at Kemper Insurance. Collaborates across teams to tackle identity risks and compliance challenges in a high-performing culture.
Principal Architect developing cybersecurity strategy for Ensemble's technology-enabled revenue cycle management solutions. Focus on securing cloud architectures and ensuring information assurance in healthcare.
Zscaler Engineer responsible for maintaining cybersecurity tools and developing integrations at HP. Collaborating across teams to enhance data loss prevention strategies and monitor industry threats.
Senior Manager overseeing Security Risk Management at First American. Leading enterprise policies, third-party vendor security, and security strategy execution.
Designer developing comprehensive application solutions for security systems at Johnson Controls. Collaborating on technical sales support and large-scale integrated electronic security systems.
Analyst role supporting Epic Security & Configuration at Acrisure, ensuring application functionality and troubleshooting issues. Collaborating with teams for configuration and security in Applied Epic systems.