Governance & Assurance Analyst

Location: Bromley
Salary:
Closing Date: 11 December 2020
Apply Now
WORK PERMIT:
All applicants must be based in the UK and confirm that they are able to prove their eligibility to work in the UK.

Job Description

The role

What we are looking for:

At Direct Line Group, we continue to unleash the power of technology to disrupt the insurance market and our Information Security, Risk and Assurance team is at the heart of this!

Working to provide the kind of experience and services that wow our customers, we are delivering a set of ambitious plans to transform our technology for the future, evolving the systems, platforms and infrastructure that our people use day-to-day.

Do you have experience of working within a technology risk governance and assurance role? Have you been responsible for defining controls, creating policies, frameworks and risk assessment documents? We are hiring for a Governance & Assurance Analyst (internally known as Technology Risk Analyst) and would love to hear from you if you fit this profile.

Who youll be working with:

Working alongside the Technology Risk Analysts, Technology Risk Consultants and Technology Risk Managers, you will sit within the Technology Resilience and Risk Squad within the Security and Resilience Chapter.

We are moving into Agile ways of working. This comes with immense potential to learn, develop your skills as you initially see us through a very exciting time of change. You will be valued and looked to for inspiration, with clear goals and autonomy as well as leadership focus being part of your daily role.

What you'll be doing:

Develop, maintain and embed the Technology Risk Policies and Controls Framework to ensure it consistently aligns to industry best practices and the cyber security and resilience strategy

Define and continuously improve the methodology for providing assurance over the design adequacy and operational effectiveness of technology resilience and risk controls

Assess the effectiveness of controls and determine whether they mitigate the inherent risk to within desired residual risk

Produce reporting and update the groups risk management tool to reflect the results of controls assurance activity

Build relationships with 2nd and 3rd lines of defence and coordinate the collection of evidence for external and internal audit requirements

What you'll need:

Solid grasp of risk management tools, methodologies, control taxonomies and industry standard frameworks (NIST, ISO 27001, COBIT, PCI-DSS, ITIL, TOGAF)

Cloud experience ideally with platforms such as AWS

Experience of working within in an Agile environment and Agile/DevOps control frameworks

What well give you:

Come join us and youll find yourself in the middle of one of the most on-the-go teams in the business, with autonomy and exposure to industry leaders on huge household brand names. Were always encouraging internal development and youll have access to loads of learning opportunities, events and conferences to build your industry knowledge.


PLEASE NOTE:

We strongly recommend that you do not provide your bank account details when applying for a job. If you see a vacancy on Asian Jobsite requesting bank account details please email webmaster@asianjobsite.co.uk