Information Security Governance and Assurance Analyst
Job Introduction
Are you looking for a Information Security Governance and Assurance Analyst role in a fast-paced, highly creative environment, where you’ll be responding to a dynamic regulatory landscape? Looking for a company that wants to help further your career in Information Security as well as provide you with an exciting, inspiring and fun place to work?
If the answer to all of these questions is ‘yes’ then you’re just the kind of person we’re looking for!
Role Responsibility
As our new Information Security Governance and Assurance Analyst, you’ll be helping Selfridges protect its team member and customer personal information. As part of this, you will:
- Helping to manage, document, communicate and continuously improve information security assurance processes
- Owning and managing the process for third party information security assurance to ensure that:
All in scope third parties complete an information security questionnaire that is then assessed
Ensuring relevant contractual clauses reflect information security requirements,
Implement and manage an audit process for ongoing data security assessments of third parties including both questionnaire reviews and potential onsite visits.
- Supporting the process for project engagements to ensure that:
Information Security requirements are defined for each project
Architectural design documents are reviewed to ensure appropriate controls are in place.
Testing and acceptance processes are in place to ensure that agreed controls have been implemented.
- Supporting phishing awareness throughout the organisation including:
Managing automated phishing awareness campaigns
Delivering and supporting training and awareness to specific user groups
- Reviewing and responding to Data Loss Prevention alerts
- Supporting management and investigation of any information security incidents including:
Ensuring that incident logs are maintained, and any actions / lessons learned are addressed.
Managing the lost/stolen device process
- Supporting Selfridges PCI compliance program including:
Ensuring evidence of compliance is collated and maintained
Working with third party suppliers to gain evidence of compliance where appropriate
Undertaking audit checks within stores
- Managing the process for Information Security Risk Management to ensure that all information security risks are owned and documented and remediated to an agreed and accepted level.
The Ideal Candidate
Essential Requirements
- A background in compliance, audit, or security
- A good understanding of IT systems and architecture
Desirable Requirements
- Experience of working in Information security compliance and audit using standard industry frameworks e.g. ISO 27001, NIST 800-53, COBIT, SOX
- Experience of PCI DSS compliance audits
- Formal experience of IT or Information Security Risk Management
- Extremely good organisational, communication and documentation and administration skills with a good eye for detail.
- Strong interpersonal, communication and influencing skills with the confidence and ability to operate effectively at all levels including Senior Management, and technical and non-technical audiences.
About the Company
A BIT ABOUT US
Our creative spirit
We are more than a shop. We are a social space where culture and commerce collide to release an energy that we call the Selfridges spirit. We are here to make our world brighter, and everyone is welcome.
Our awards cabinet
We’re not ones to brag, but since you asked...Selfridges has won the award for The World’s Best Department Store an unprecedented four times at the IGDS awards, with an additional award for the Best Sustainability Campaign.
Our future
Since 1909 we have been at the forefront of retail and today our stores in London, Manchester and Birmingham – alongside selfridges.com and the Selfridges App – continue to redefine the way we shop and socialise. As a Selfridges team member, you will learn what it takes to consistently drive innovation, success and amazing customer experiences.
THE FUN STUFF
There are lots of reasons to be excited about joining Team Selfridges – from our fantastic team member communities to volunteer days and behind-the-scenes Selfridges experiences throughout the year.
Other benefits and rewards include:
- Generous bonus and/or commission scheme
- Discounted gym memberships
- Pension contributions
- Annual travel pass and cycle to work schemes
- A volunteer day for all team members
- Access to a wide range of training programmes to help your career development
Selfridges