欲随时了解新空缺职位:
加入我们的人才网络
职位快照
Reigate, GB
We are looking for a Cyber Security and Privacy Risk Assurer to support the Technology division of the Insurance Consultancy and Technology (ICT) business unit in managing cyber security risk, particularly in its expanding SaaS portfolio. You will support the business by working with software delivery teams and platform teams to identify, quantify and manage privacy and cyber security risk in new products and by providing ongoing privacy and cyber security risk assurance of live products.
As a cyber risk assurer, you will:
- Work with development teams to identify and document privacy requirements in new products;
- Work with development teams to identify and document information security requirements in new products;
- Work with development teams to ensure ongoing privacy and information security assurance through the life of a product;
- Work with development teams to support privacy and information security assurance requirements through the sunsetting of a product;
- Run Security Working Groups, to govern privacy and information security requirements, including tracking activity and liaising with software delivery teams;
- Support the development and maintenance of a knowledge base of security features and provisions within products;
- Support the development and production of management information;
- Develop and maintain a good working knowledge of the applications developed in ICT and the Azure environment within which they are developed and operated.
- Support other information security work as required
The essential skills / experience for this position are:
• Experience of working in a similar cyber security role within Governance, Risk and Compliance;
• Good understanding of cyber security concepts, controls and cyber risk management;
• Good understanding of software applications and networks;
• Broad understanding of international privacy and security requirements and standards, such as GDPR, SOC2 and ISO27001;
• Good analytic thinking, written and oral skills;
• A desire to work closely and co-operatively with software developers, platform managers, operations teams and all those critical to the development and running of desktop and SaaS products
Desirable skills / experience for this position are:
• Experience of working in DevSecOps environments
• Experience of working in the Cloud environment with Cloud controls
• Experience of being part of a team of security, assurance, and/or compliance professionals
• Information Security specific qualifications (such as CISM, CISSP, CISA)
• Degree in a relevant Business or Information Technology area
• Experience of working within internal or external audit, either within a previous organisation or as part of a professional services firm is desirable.
(ICT_TECH SD_2024_03R)
自主投递 说明
自主投至韦莱韬悦公司网站或员工企业邮箱的个人简历或申请人档案将视为归韦莱韬悦所有,我们无需为此向代理招聘机构支付费用。韦莱韬悦授权的代理招聘机构或猎头公司须持经由韦莱韬悦授权招聘官签署的有效正式书面合同,且须仍与韦莱韬悦保持合作关系。简历须按照我们的申请人提交流程进行提交,包括针对特殊招聘提交的简历。代理招聘机构或公司如不按申请流程提交简历,韦莱韬悦将不会为此支付招聘费用。韦莱韬悦提倡公平招聘。如您希望我们保存您的联系信息,以备日后有合适机会时与您联系,请发送邮件至 Agency.inquiries@willistowerswatson.com.
我们的机构
我们的同事遍及全球140多个国家及市场。我们的业务已基本全面实现国际化,为协作与发展创造了绝佳机遇。查看以下地图,了解韦莱韬悦可以在哪里为您提供机遇。