British Red Cross Ukraine Crisis Appeal

£3750+ donated already with continuing regular donations.

Ukraine Crisis

Apply for this Job

UploadChoose a CV

To find out about how we process your data, please read our privacy policy.


  • LocationRemote
  • SalaryCompetitive rates
  • Job TypeContract
  • ReferenceRID001
  • Date posted26-Jan-23

RoleCybersecurity - Controls Design Analyst


Our client is one of the largest Financial Institutions and Financial Services organizations in the world, with operations in 64 countries and territories.


Using technology to transform the world’s leading financial institution, this is a job for the boldest problem solvers in the tech industry.


Team - You will be part of a cross-functional global team transforming our digital capabilities.


Project - Cybersecurity Controls Design Analyst will support the continued maintenance and development of the Cybersecurity control environment. The role holder will be tasked with the support of defining and maintaining operational control instances and their attributes, control measurements as well as control requirements for Group Cybersecurity.




  • Engage with a variety of stakeholders (including but not limited to: Control Owners and 2LoD) to ensure that the Cybersecurity owned controls in the Risk and Controls Library are designed according to the Bank’s requirements and industry standards and best practices.
  • Work with stakeholders and peers to ensure that Cybersecurity control measurements are defined in accordance with KCI Design Framework and industry best practices.
  • Work with Cybersecurity teams to ensure that the defined controls are compliant with Legal/Regulatory requirements and that control measurements provide sufficient insights for management reports.
  • Maintain and regularly review Cybersecurity control requirements and supportive documents.
  • Align Cybersecurity control requirements to industry best practices and regulatory expectations.


Qualifications / Requirements:


  • Experience with risk and control frameworks.
  • Expertise in Control Management. This includes but is not limited to controls design, implementation, further assessments or testing.
  • Solid understanding of the Inherent/Residual risk concepts.
  • Ability to translate difficult IT concepts into business-friendly language.
  • Knowledge of Cybersecurity – at least a generalist with specialist area expertise welcome.
  • Understanding of metrics and measures in managing risks and controls (KCIs, KRIs, KPIs) is a must.
  • Managing stakeholders including Cybersecurity Leadership and staff, Chief Controls Office and 2LoD Resilience Risk teams.
  • Team-oriented mentality combined with ability to complete tasks independently to a high quality standard.
  • Interpersonal Skills.



Nice to have :


  • Familiarity with the NIST 800-53 would be beneficial.
  • Familiarity with Centre for Internet Security (CIS) Measures and Metrics is a plus.
  • Experience with GRC Tools is a plus.
  • Industry certification in Risk/Technology/Security is a plus.


Employment Type – B2B


The way we work


  • Stable, long-term projects
  • Full-time employment contract or B2B
  • Flexible working hours & home office
  • Tech communities and cultural communities
  • Mentoring programs




  • Private medical care and life insurance
  • Access to Multisport card


Other benefits:


  • Highly skilled tech team who is always ready to help, collaborate and share knowledge
  • Clear career engineering path and the possibility to rotate between projects and teams (for a longer time)


Have we sparked your interest?

Get in touch! We are looking forward to speaking to you.



Reach out to me at or apply for this job to know more.

Similar Jobs.

Apply for this Job

Customer Reviews

Net Promoter Score



NetPromoter Score


10 out of 10. Danielle has been a pleasure to work with thus far, excellent communication, and very helpful in scheduling time with distributed team members.


NetPromoter Score


Unfortunately, position I applied has been filled out before my interview with client. However, I would definietely recomend (10) Vertex to others.


NetPromoter Score


- Felt professionally represented for roles we pursued - Relevant opportunities presented in light of discussions we had and my expectations

Let's Work Together

I’m looking for a job a candidate or would like to work at Vertex