Cyber Security Operations Analyst – Vulnerability, Risk & Compliance

Years of experience: 3 to 4 years of Technology Risk, Cyber Security or similar working experience % Interaction with Stakeholders: Vast majority of the time Team Size: Medium scale team

Project: Business as usual, no project work to begin with

How will performance be measured: Deliverables and deadlines being met, etc

Qualifications

• Clear understanding of the Three Lines of Defence model and its application within risk and control frameworks
• ServiceNow Vulnerability Response / Configuration Compliance Operations experience
• Experience building simple queries in ServiceNow and Splunk
• Must have effective communication skills, both verbally and written.
• Compliance operations or vulnerability management experience
• Cyber security/Information security experience

SUMMARY OF DAY-TO-DAY RESPONSIBILITIES

Specific to the role

• Monitoring and triage reports and dashboards identifying security non-compliant assets.
• Create and follow runbooks to notify, track and elevate non-compliant issues.
• Partner with technology teams to identify solutions, track progress, elevate roadblocks and produce summary reporting on non-compliance remediation.
• Provide leadership for the provision of technical expertise in development and support of activities, processes, procedures, and tools for protecting information security with a focus on application security.
• Research, design and implement application security solutions and practices.
• Direct testing of security plans. Lead the evaluation of new and proposed security systems and technologies.

NICE TO HAVE

• Experience creating dashboard in ServiceNow
• PowerBI experience
• IT Audit / Technology Risk assessment experience