Job description
Information Security Governance Analyst
Location: London, UK
Sector: Travel
Stott and May have partnered up with a leader in global travel and event management, renowned for exceptional service and innovative, client-focused technology.
We are seeking a highly skilled Information Security Governance Analyst to join the GRC function of our expanding client. Reporting to the Information Security Governance Manager, you will play a critical role in its strategic growth.
What you will do:
- Maintain information security policies, procedures, and standards.
- Conduct risk assessments and maintain the information security risk register to implement agreed treatment plans.
- Manage the third-party risk programme, including supplier and partner due diligence.
- Contribute to internal and external audits to maintain certifications and meet business needs.
- Respond to client queries regarding Reed & Mackay’s security posture and compliance management framework.
- Support security incident response and answer security queries from internal stakeholders.
- Stay updated on evolving security standards and internal organizational changes to keep the risk and client trust programme current.
- Working knowledge of industry standards such as NIST, ISO 27001, and PCI DSS.
- Experience working with internal and external stakeholders.
- Excellent attention to detail, proactive approach, and ability to work independently.
- Strong communication and interpersonal skills.
- Understanding of business continuity, security concepts, and technologies.
- Knowledge of data protection best practices and GDPR requirements.
- Proficiency in French, Spanish, Italian, or German is a plus.
- Professional certification in information security, risk management, or third-party risk management is desirable.