Governance Risk and Control Analyst/Tester
 Inside IR35
 Leading banking client requires an experienced Governance Risk and Control Analyst/Tester to join on an initial 6 month contract to conduct controls testing of cybersecurity controls against industry security frameworks (e.g., SOX ISO27001. NIST Cybersecurity Improvement framework, FFIEC). 
  - Experience of working as an IT auditor, security auditor or governance, risk and compliance analyst
- Good understanding of cybersecurity/IT control frameworks including but not limited to frameworks from SOX, FFIEC, ISO27001, NIST, Cloud Security Alliance, and PCI-DSS
- Proven understanding of current best practice approach to security assurance and the application of security frameworks
- Experience in project management
- Planning and prioritizing multiple project work streams in response to rapidly developing and changing portfolios.
- Experience of security risk management
- Broad knowledge of computer, networking and IT security systems including operating systems, databases, firewalls, SIEM, DLP etc
- Ability to handle ambiguity and make decisions and recommendations with limited data
- Solid analytical/problem-solving skills with capability to identify solutions to unusual and complex problems
- Good presentation, documentation and reporting skills
Essential skills:
  - Experience in managing multiple tasks with broad scope, ambiguity, and high degree of difficulty
- Experience in providing assurance for cybersecurity technologies, policies, standards and procedures
- Demonstrable proficiency in a wide range of information IT security domains such as Security Governance, Identity and Access Management, Access Controls, Threat Intelligence, Asset Management, Risk Management, Security Assessment/Testing, Security Incident Management and Vulnerability and Patch Management
- Possessing high level of analytical ability where problems are typically unusual and difficult
- Ability to maintain a working knowledge of cybersecurity principles and elements
- Understand global IT risk management structure
- Demonstrable experience of senior stakeholder management and relevant management reporting.
- Ability to coach team members through knowledge transfer and constructive feedback
Governance Risk and Control Analyst/Tester
 Due to the volume of applications received for positions, it will not be possible to respond to all applications and only applicants who are considered suitable for interview will be contacted. 
 Proactive Appointments Limited operates as an employment agency and employment business and is an equal opportunities organisation
 We take our obligations to protect your personal data very seriously. Any information provided to us will be processed as detailed in our Privacy Notice, a copy of which can be found on our website