Control Design Analyst

Role – Cybersecurity - Controls Design Analyst

 

Our client is one of the largest Financial Institutions and Financial Services organizations in the world, with operations in 64 countries and territories.

 

Using technology to transform the world’s leading financial institution, this is a job for the boldest problem solvers in the tech industry.

 

Team - You will be part of a cross-functional global team transforming our digital capabilities.

 

Project - Cybersecurity Controls Design Analyst will support the continued maintenance and development of the Cybersecurity control environment. The role holder will be tasked with the support of defining and maintaining operational control instances and their attributes, control measurements as well as control requirements for Group Cybersecurity.

 

Responsibilities:

 

• Engage with a variety of stakeholders (including but not limited to: Control Owners and 2LoD) to ensure that the Cybersecurity owned controls in the Risk and Controls Library are designed according to the Bank’s requirements and industry standards and best practices.
• Work with stakeholders and peers to ensure that Cybersecurity control measurements are defined in accordance with KCI Design Framework and industry best practices.
• Work with Cybersecurity teams to ensure that the defined controls are compliant with Legal/Regulatory requirements and that control measurements provide sufficient insights for management reports.
• Maintain and regularly review Cybersecurity control requirements and supportive documents.
• Align Cybersecurity control requirements to industry best practices and regulatory expectations.

 

Qualifications / Requirements:

 

• Experience with risk and control frameworks.
• Expertise in Control Management. This includes but is not limited to controls design, implementation, further assessments or testing.
• Solid understanding of the Inherent/Residual risk concepts.
• Ability to translate difficult IT concepts into business-friendly language.
• Knowledge of Cybersecurity – at least a generalist with specialist area expertise welcome.
• Understanding of metrics and measures in managing risks and controls (KCIs, KRIs, KPIs) is a must.
• Managing stakeholders including Cybersecurity Leadership and staff, Chief Controls Office and 2LoD Resilience Risk teams.
• Team-oriented mentality combined with ability to complete tasks independently to a high quality standard.
• Interpersonal Skills.

 

 

Nice to have :

 

• Familiarity with the NIST 800-53 would be beneficial.
• Familiarity with Centre for Internet Security (CIS) Measures and Metrics is a plus.
• Experience with GRC Tools is a plus.
• Industry certification in Risk/Technology/Security is a plus.

 

Employment Type – B2B

 

The way we work

 

• Stable, long-term projects
• Full-time employment contract or B2B
• Flexible working hours & home office
• Tech communities and cultural communities
• Mentoring programs

 

Benefits:

 

• Private medical care and life insurance
• Access to Multisport card

 

Other benefits:

 

• Highly skilled tech team who is always ready to help, collaborate and share knowledge
• Clear career engineering path and the possibility to rotate between projects and teams (for a longer time)

 

Have we sparked your interest?

Get in touch! We are looking forward to speaking to you.

 

 

Reach out to me at r.baradiya@vertex-solutions.com or apply for this job to know more.