Harvey Nash IT Recruitment UK
Identity & Access Management Risk and Governance Senior Analyst- £40,000- £55,000- Hybrid- London Company: The Guardian Location: London, Kings Cross Harvey Nash are proud to be working as a retained recruitment partner for The Guardian, a trusted and globally recognized news organisation, at the forefront of digital journalism. seeking an accomplished Identity & Access Management Governance Senior Analyst to join the Information Security team. If you possess the skills and expertise to manage and monitor identity and access management compliance and risk we want to hear from you. Key Responsibilities: As an Identity & Access Management Governance Senior Analyst, you'll play a crucial role in ensuring the security of digital infrastructure. Your responsibilities include: * Analysing risks and anomalies in identity and access management controls, such as leavers analysis, movers analysis, and privileged account usage. * Conducting periodic reviews of entitlement data and role compositions, collaborating with application and business owners to address issues. * Providing input on identity and management controls for new products and change programs. * Maintaining the identity and access management risk and control framework. * Designing and executing user access review campaigns. * Advising on password management control designs and conducting periodic testing. * Supporting the Privileged Access Management technology Product Owner in onboarding new accounts. * Assisting the Security Operations Centre in resolving identity and access management-related alerts and incidents. * Advising on conditional access policy designs and performing periodic testing. * Providing guidance on authentication controls designs and conducting periodic testing. * Assisting in responding to external and internal audit queries related to Identity and Access Management. * Reporting against defined key performance indicators (KPIs) for Identity and Access Management. * Offering input to the security operations team in responding to organizational identity and access management risk-related queries. * Advocating for information security across the organization, fostering a culture of risk awareness and mitigation. Key Skills: To excel in this role, you should have: * Knowledge of identity and access management risk and controls in alignment with standard security frameworks. * Strong communication skills and the ability to collaborate with colleagues across the business to implement best practices in identity and access management. * Initiative and the ability to work independently to deliver risk and control advice. * The capacity to translate technical concepts into business risks understood by non-technical colleagues. Knowledge and Experience: Essential: * Experience with common information security management frameworks such as NIST, ISO 27001, or related Identity and Access Management training. * Demonstrable experience in identifying identity and access management risks and designing controls to address them. Desirable: * Experience in designing conditional access and/or authentication policies/controls for cloud applications/environments. * Understanding of emerging trends in identity and access management. * Professional security management certifications such as CISSP, CISM, CISA, or ISO 27001 Lead Auditor. * Experience in conducting assurance over identity & access management and/or information security controls. The Guardian is an equal opportunity employer. We are committed to creating a diverse and inclusive workplace and welcome all qualified applicants regardless of race, colour, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age If the above sounds like something you would be interested in pursuing please apply via this posting and or E-mail (see below) for more information.
Identity & Access Management Risk and Governance Senior Analyst- £40,000- £55,000- Hybrid- London Company: The Guardian Location: London, Kings Cross Harvey Nash are proud to be working as a retained recruitment partner for The Guardian, a trusted and globally recognized news organisation, at the forefront of digital journalism. seeking an accomplished Identity & Access Management Governance Senior Analyst to join the Information Security team. If you possess the skills and expertise to manage and monitor identity and access management compliance and risk we want to hear from you. Key Responsibilities: As an Identity & Access Management Governance Senior Analyst, you'll play a crucial role in ensuring the security of digital infrastructure. Your responsibilities include: * Analysing risks and anomalies in identity and access management controls, such as leavers analysis, movers analysis, and privileged account usage. * Conducting periodic reviews of entitlement data and role compositions, collaborating with application and business owners to address issues. * Providing input on identity and management controls for new products and change programs. * Maintaining the identity and access management risk and control framework. * Designing and executing user access review campaigns. * Advising on password management control designs and conducting periodic testing. * Supporting the Privileged Access Management technology Product Owner in onboarding new accounts. * Assisting the Security Operations Centre in resolving identity and access management-related alerts and incidents. * Advising on conditional access policy designs and performing periodic testing. * Providing guidance on authentication controls designs and conducting periodic testing. * Assisting in responding to external and internal audit queries related to Identity and Access Management. * Reporting against defined key performance indicators (KPIs) for Identity and Access Management. * Offering input to the security operations team in responding to organizational identity and access management risk-related queries. * Advocating for information security across the organization, fostering a culture of risk awareness and mitigation. Key Skills: To excel in this role, you should have: * Knowledge of identity and access management risk and controls in alignment with standard security frameworks. * Strong communication skills and the ability to collaborate with colleagues across the business to implement best practices in identity and access management. * Initiative and the ability to work independently to deliver risk and control advice. * The capacity to translate technical concepts into business risks understood by non-technical colleagues. Knowledge and Experience: Essential: * Experience with common information security management frameworks such as NIST, ISO 27001, or related Identity and Access Management training. * Demonstrable experience in identifying identity and access management risks and designing controls to address them. Desirable: * Experience in designing conditional access and/or authentication policies/controls for cloud applications/environments. * Understanding of emerging trends in identity and access management. * Professional security management certifications such as CISSP, CISM, CISA, or ISO 27001 Lead Auditor. * Experience in conducting assurance over identity & access management and/or information security controls. The Guardian is an equal opportunity employer. We are committed to creating a diverse and inclusive workplace and welcome all qualified applicants regardless of race, colour, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age If the above sounds like something you would be interested in pursuing please apply via this posting and or E-mail (see below) for more information.
Request Technology
Chicago, Illinois
Senior Analyst - Information Governance/Data Protection Salary: Open + Bonus Location: Chicago, IL Hybrid: 3 days on-site, 2 days remote *We are unable to provide sponsorship for this role* Qualifications Bachelor's degree 5+ years of applicable work experience Previous work with information or data governance control activities in the financial services industry. Experience in the financial services industry. Office 365 (Word, Excel, PowerPoint) Experience with systems supporting Compliance, Risk, Audit, Privacy, and Management such as ServiceNow, Archer, etc. Project/Program Management Business Intelligence tool experience Responsibilities Strong interest in understanding and solving data challenges with experience in information governance, data protection, and privacy policy. Knowledge of and work experience with enterprise systems, networks, databases, and other technical domains Strong attention to detail, customer orientation, communication, and presentation skills including the ability to listen and quickly translate business needs into solutions and build effective working relationships. Strong experience in building the capabilities for auto data classification, data security and data protection. Experience with classification standard definitions and settings. Experience with Privacy requirements and work with personal information and its protection. Strong strategic thinking, problem solving, and analytic skills.
Senior Analyst - Information Governance/Data Protection Salary: Open + Bonus Location: Chicago, IL Hybrid: 3 days on-site, 2 days remote *We are unable to provide sponsorship for this role* Qualifications Bachelor's degree 5+ years of applicable work experience Previous work with information or data governance control activities in the financial services industry. Experience in the financial services industry. Office 365 (Word, Excel, PowerPoint) Experience with systems supporting Compliance, Risk, Audit, Privacy, and Management such as ServiceNow, Archer, etc. Project/Program Management Business Intelligence tool experience Responsibilities Strong interest in understanding and solving data challenges with experience in information governance, data protection, and privacy policy. Knowledge of and work experience with enterprise systems, networks, databases, and other technical domains Strong attention to detail, customer orientation, communication, and presentation skills including the ability to listen and quickly translate business needs into solutions and build effective working relationships. Strong experience in building the capabilities for auto data classification, data security and data protection. Experience with classification standard definitions and settings. Experience with Privacy requirements and work with personal information and its protection. Strong strategic thinking, problem solving, and analytic skills.
Request Technology - Craig Johnson
Chicago, Illinois
*Position is bonus eligible* Prestigious Financial Company is currently seeking an Information Data Governance and Protection Analyst. Candidate will be responsible for supporting the development and implementation of the information governance, data protection, and privacy program. This includes supporting the development of strategies, policies, procedures, and controls related to the governance and protection of information throughout its life cycle. In addition, the role will work with stakeholders to define the information governance, data protection, and privacy requirements; will facilitate compliance with the identified requirements to control risk; will represent the program to internal and external stakeholders; and will support the development and implementation of training and awareness programs. This role will focus on compliance with applicable regulatory and legal rules and requirements (ie SEC-Regulation SCI, CFTC-System Safeguards, etc.) as they relate to information including support of regulatory exam and Internal Audit remediation planning, tracking, and mitigation. Responsibilities: Work with appropriate stakeholders and across the organization to create a culture that manages information as an enterprise asset Implementation of the information governance, data protection, and privacy program including the development of policies, procedures, and job aids Identification, implementation, and use of technologies to support program objectives and classification standards Execution of controls and risk assessments (eg, third-party risk, privacy, data protection) Responsible in performing the privacy impact assessment on data incidents and working with relevant stakeholders like Security Services and Legal to help closing the incident. Creation and execution of strategies to identify information across the organization and throughout its life cycle Preparation of program for regulatory and internal audits/examinations and timely remediation of any findings Use of technology/tools to track projects, manage deliverables and create reporting that support the program and its objectives Support of compliance assessments for information governance, data protection, and privacy including development of controls to measure risk Development and maintenance of the organization's Records and Information Management (RIM) program, ensuring information across all media and formats is properly retained and disposed including remediation of Legacy information Ensure retention, disposition, protection, and classification are addressed in new applications, platforms, and systems Collaborate with internal and external stakeholders to implement information governance, data protection, and privacy policies and requirements Support and develop training and awareness programs for information governance, data protection, and privacy. Identify trends in privacy and regulatory requirements, compliance enforcement, and action the necessary changes in the program. Qualifications: Strong interest in understanding and solving data challenges with experience in information governance, data protection, and privacy policy Knowledge of and work experience with enterprise systems, networks, databases, and other technical domains Strong attention to detail, customer orientation, communication, and presentation skills including the ability to listen and quickly translate business needs into solutions and build effective working relationships Strong experience in building the capabilities for auto data classification, data security and data protection. Experience with classification standard definitions and settings Experience with Privacy requirements and work with personal information and its protection Strong strategic thinking, problem solving, and analytic skills Utilize metrics as means to improve performance Ability to adapt to change in emerging environments and work across multiple areas Experience in developing policies and procedures Experience in project management, project execution, and managing multiple priorities in a timeline driven environment Experience working in a highly regulated environment including an understanding of audit and compliance requirements Office 365 (Word, Excel, PowerPoint) Experience with systems supporting Compliance, Risk, Audit, Privacy, and Management such as ServiceNow, Archer, etc. Project/Program Management Business Intelligence tool experience Bachelor's degree or higher in information management, information systems, law, computer science or BA/BS in another discipline with equivalent experience Experience in the financial services industry Certifications Preferred: Certifications in Information, Data, Privacy Records or Security such as: Certified Information Privacy Professional (CIPP), Certified Information Privacy Management (CIPM), Certified Records Manager (CRM), and/or Certified Information Privacy Technologist (CIPT), Certified Information Systems Security Professional (CISSP), Information Governance Professional (IGP), Certified Information Security Manager (CISM) and Certified Information Systems Auditor (CISA)
*Position is bonus eligible* Prestigious Financial Company is currently seeking an Information Data Governance and Protection Analyst. Candidate will be responsible for supporting the development and implementation of the information governance, data protection, and privacy program. This includes supporting the development of strategies, policies, procedures, and controls related to the governance and protection of information throughout its life cycle. In addition, the role will work with stakeholders to define the information governance, data protection, and privacy requirements; will facilitate compliance with the identified requirements to control risk; will represent the program to internal and external stakeholders; and will support the development and implementation of training and awareness programs. This role will focus on compliance with applicable regulatory and legal rules and requirements (ie SEC-Regulation SCI, CFTC-System Safeguards, etc.) as they relate to information including support of regulatory exam and Internal Audit remediation planning, tracking, and mitigation. Responsibilities: Work with appropriate stakeholders and across the organization to create a culture that manages information as an enterprise asset Implementation of the information governance, data protection, and privacy program including the development of policies, procedures, and job aids Identification, implementation, and use of technologies to support program objectives and classification standards Execution of controls and risk assessments (eg, third-party risk, privacy, data protection) Responsible in performing the privacy impact assessment on data incidents and working with relevant stakeholders like Security Services and Legal to help closing the incident. Creation and execution of strategies to identify information across the organization and throughout its life cycle Preparation of program for regulatory and internal audits/examinations and timely remediation of any findings Use of technology/tools to track projects, manage deliverables and create reporting that support the program and its objectives Support of compliance assessments for information governance, data protection, and privacy including development of controls to measure risk Development and maintenance of the organization's Records and Information Management (RIM) program, ensuring information across all media and formats is properly retained and disposed including remediation of Legacy information Ensure retention, disposition, protection, and classification are addressed in new applications, platforms, and systems Collaborate with internal and external stakeholders to implement information governance, data protection, and privacy policies and requirements Support and develop training and awareness programs for information governance, data protection, and privacy. Identify trends in privacy and regulatory requirements, compliance enforcement, and action the necessary changes in the program. Qualifications: Strong interest in understanding and solving data challenges with experience in information governance, data protection, and privacy policy Knowledge of and work experience with enterprise systems, networks, databases, and other technical domains Strong attention to detail, customer orientation, communication, and presentation skills including the ability to listen and quickly translate business needs into solutions and build effective working relationships Strong experience in building the capabilities for auto data classification, data security and data protection. Experience with classification standard definitions and settings Experience with Privacy requirements and work with personal information and its protection Strong strategic thinking, problem solving, and analytic skills Utilize metrics as means to improve performance Ability to adapt to change in emerging environments and work across multiple areas Experience in developing policies and procedures Experience in project management, project execution, and managing multiple priorities in a timeline driven environment Experience working in a highly regulated environment including an understanding of audit and compliance requirements Office 365 (Word, Excel, PowerPoint) Experience with systems supporting Compliance, Risk, Audit, Privacy, and Management such as ServiceNow, Archer, etc. Project/Program Management Business Intelligence tool experience Bachelor's degree or higher in information management, information systems, law, computer science or BA/BS in another discipline with equivalent experience Experience in the financial services industry Certifications Preferred: Certifications in Information, Data, Privacy Records or Security such as: Certified Information Privacy Professional (CIPP), Certified Information Privacy Management (CIPM), Certified Records Manager (CRM), and/or Certified Information Privacy Technologist (CIPT), Certified Information Systems Security Professional (CISSP), Information Governance Professional (IGP), Certified Information Security Manager (CISM) and Certified Information Systems Auditor (CISA)