Information Security Assurance Analyst


Key Responsibilities:

  • Initiate project triages and establish key security requirements for each IT Project.

  • Security liaison with the business on various projects.

  • Support projects to comply with information security controls through the project delivery life-cycle.

  • Assist resource owners and IT staff in understanding and responding to security requirements and controls.

  • Work as a liaison with vendors and the legal and purchasing departments to establish mutually acceptable contracts and service-level agreements in delivery of projects.

  • Work with the CISO and IT and business stakeholders to define metrics and reporting strategies that effectively communicate the successes and progress of the security assurance process, both for the work performed by the team and for work performed regionally.

  • Consult with IT and security staff to ensure that security is factored into the evaluation, selection, installation and configuration of hardware, applications and software.

  • Recommend and coordinate the implementation of technical controls to support and enforce defined security policies.

  • Develop a strong working relationship with the security engineering team to develop and implement controls and configurations aligned with security policies and legal, regulatory and audit requirements.

  • Support Regional Information Security Officers in producing Regional Security Performance reporting and KPIs tracking, e.g. security vulnerability reporting, tracking and closure.

  • As directed, lead small remediation projects with global product and technology teams.


Candidate Profile

  • A bachelor's degree in information systems or equivalent work experience; an M.B.A. or M.S. in information security is preferred.

  • The ability to interact with Pearson’s personnel, build strong relationships at all levels and across all business units and organizations, and understand business imperatives.

  • A strong understanding of the business impact of security tools, technologies and policies.

  • Experience with common information security management frameworks, such as the ISO/IEC 2700x series from the International Organization for Standardization (ISO), the IT Infrastructure Library (ITIL) and Control Objectives for Information and Related Technologies (COBIT).

  • Familiarity with applicable legal and regulatory requirements, including, but not limited to, the U.S. Sarbanes-Oxley Act (SOX), the U.S. Health Insurance Portability and Accountability Act (HIPAA), the European Union's General Data Protection Regulation (GDPR), and the Payment Card Industry Data Security Standard (PCI DSS).

  • Proficiency in performing risk, business impact, control and vulnerability assessments, and in defining treatment strategies.

  • Knowledge of and experience in developing and documenting security requirements and remediation plans.

  • Working knowledge of industry-standard product and program development life cycles, including a secure software development life cycle (Secure SDLC).


Please click the link to apply - https://pearson.taleo.net/careersection/ex/jobdetail.ftl?job=1612806