Senior IT Security Analyst

Apply Now

Job Description

Our client is the world’s leading provider of Sustainability, EH&S, and Operational Risk Management Software with a mission to enable the Sustainable Company. It offers the industry’s most comprehensive enterprise EHS software platform with technology, content and services that help large & complex organizations manage risks, ensure compliance and continually improve operational excellence.

This position is within the Global Business Services division whose motto is: “Simple, Better, Efficient”. It is there to support business objectives while leveraging as adequately as possible the corporate controls. Reporting to the Associate Director for IT Security, here are the main responsibilities of this position:

  • Information systems control design and implementation

Design and implement information systems controls in alignment with the organization’s risk appetite and tolerance levels to support business objectives.

  • Interview process owners and review process design documentation to gain an understanding of the business process objectives.
  • Analyze and document business process objectives and design to identify required information systems controls.
  • Design information systems controls in consultation with process owners to ensure alignment with business needs and objectives.
  • Facilitate the identification of resources (e.g., people, infrastructure, information, architecture) required to implement and operate information systems controls at an optimal level.
  • Monitor the information systems control design and implementation process to ensure that it is implemented effectively and within time, budget, and scope.
  • Provide progress reports on the implementation of information systems controls to inform stakeholders and to ensure that deviations are promptly addressed.
  • Test information systems controls to verify effectiveness and efficiency prior to implementation.
  • Implement information systems controls to mitigate risk.
  • Facilitate the identification of metrics and key performance indicators (KPIs) to enable the measurement of information systems control performance in meeting business objectives.
  • Assess and recommend tools to automate information systems control processes.
  • Provide documentation and training to ensure information systems controls are effectively performed.
  • Ensure all controls are assigned control owners to establish accountability.
  • Establish control criteria to enable control life cycle management.
  • Information systems control monitoring and maintenance

Monitor and maintain information systems controls to ensure they function effectively and efficiently.

  • Plan, supervise and conduct testing to confirm continuous efficiency and effectiveness of information systems controls.
  • Collect information and review documentation to identify information systems control deficiencies.
  • Review information systems policies, standards, and procedures to verify that they address the organization’s internal and external requirements.
  • Assess and recommend tools and techniques to automate information systems control verification processes.
  • Evaluate the current state of information systems processes using a maturity model to identify the gaps between current and targeted process maturity.
  • Determine the approach to correct information systems control deficiencies and maturity gaps to ensure that deficiencies are appropriately considered and remediated.
  • Maintain sufficient, adequate evidence to support conclusions on the existence and operating effectiveness of information systems controls.
  • Provide information systems control status reporting to relevant stakeholders to enable informed decision making.
  • Audits and reviews preparation and facilitation
  • Serve as liaison to auditors, consultants, and the Security Board regarding documentation and review of information systems control.
  • Communicate audit and review results to appropriate parties; ensure that issues are addressed, and corrective actions are implemented.
  • Keep a tracking action list of all audit issues.

Other duties – In collaboration with team members, Information Security, and other support functions, contribute to information systems risk assessments.

The offer

  • The ability to be part of a close-knit, international, supportive team, working in a fun environment, who are passionate about Technology and Innovation
  • Opportunities to work for a global company with offices in Paris, London, Den Haag, Chicago, Montreal, Sydney
  • Cool, modern offices with a game room, Team events/Parties…
  • Hybrid work that allows you to work from home and the office