Job title: Security Risk and Assurance Specialist

Location: London/Hybrid

Duration: 6 months

Adecco is an employment consultancy. We put expertise, energy, and enthusiasm into improving everyone''s chance of being part of the workplace. We respect and appreciate people of all ethnicities, generations, religious beliefs, sexual orientations, gender identities, and more. We do this by showcasing their talents, skills, and unique experience in an inclusive environment that helps them thrive.

The role:

Deliver an enhanced security risk assurance and due diligence review of all in scope applications, cloud services and related technologies for ECB compliance readiness

Deliver entity level risk assurance and management dashboard to support ongoing risk and issue management and reporting across EMEA.

Maintain and update the governance, risk, and performance frameworks, across Information and Cyber Security within EMEA, with an EU focus.

Responsibilities:

• Maintain and enhance the Security due diligence assurance process in line with EU and UK regulatory expectations
• Deliver a full due diligence assurance on all in scope applications, systems and technologies in support of ECB compliance.
• Define and embed key metrics required for information and cyber security continuous controls management and reporting; driving and tracking mitigations; facilitating periodic review to reflect changing cyber threat landscape and confirm the adequacy of risk and key controls
• Implement risk appetite methodology for EU reporting process, including but not limited to templates, heat maps and dashboard to continually inform on risk appetite position
• Maintain and enhance the EMEA Information Security Risk and Assurance documentation, policy, standard, frameworks, processes and procedures.
• Consistently look for improvements in the efficiency and effectiveness of Information and Cyber Security risk and due diligence assurance reporting

Requirements:

• Risk management techniques such as risk identification, risk evaluation, control mapping and mitigation tracking
• Performance management techniques including developing and maintaining KRIS, KCIs, KPIs and appropriate tolerances
• Security due diligence assurance framework definition, implementation, assessments and reporting
• Stakeholder management, including working with diverse teams in EMEA, North America, Ireland and Japan
• Information and Cyber Risk Frameworks and Standards (e.g., NIST / ISO27001) as well as Regulatory frameworks (e.g., Bank of England FCA/PRA, EU).
• Experience of EMEA Regulations and standards such as DORA/ECB regulatory requirements is required

Candidates will ideally show evidence of the above in their CV in order to be considered.

Please be advised if you haven''t heard from us within 48 hours then unfortunately your application has not been successful on this occasion, we may however keep your details on file for any suitable future vacancies and contact you accordingly.