The Ardonagh Group

Cyber Governance and Compliance Analyst

The Ardonagh Group

full-time

Posted on:

Origin:  • 🇬🇧 United Kingdom

Visit company website
AI Apply
Manual Apply

Job Level

Mid-LevelSenior

Tech Stack

Cyber Security

About the role

  • Ensure cyber risk management and governance frameworks are effectively implemented and maintained
  • Collaborate with Cyber Governance, Education, and Awareness Analyst to develop and enhance cyber risk posture
  • Support maintaining information and Cyber Security governance artefacts (Policies, Business Standards, Cyber Metrics)
  • Assist Operational Teams with processes and procedures, providing reviews, advice, and contributions to procedural documents
  • Support in developing, maintaining and updating Cyber Education and Awareness content
  • Conduct ad-hoc reviews and oversight of operational access management processes to ensure effectiveness
  • Leverage Everywhen risk framework to identify, analyse and manage cyber risk within the estate
  • Manage and assist in completing cyber due-diligence requests for clients and internal stakeholders
  • Manage and assist in cyber security assessments for new mergers and acquisitions
  • Apply assurance processes to identify and register cyber risks
  • Collaborate with the IT Governance function to identify significant areas of IT risk
  • Track, manage and report risk, control and deviation remediation activities
  • Update the risk register of information assets with risks associated with each asset
  • Maintain the risk register of exceptions, assess and record the risk associated with any exceptions

Requirements

  • Experience in cybersecurity governance, risk manager or compliance roles in an IT setting
  • Ideally experience for an insurance provider/broker or at least in financial services market
  • A degree in Cybersecurity, Information Technology, Information Systems, or a related field
  • Relevant qualifications such as CISA, CISSP or CISM desirable
  • Cyber security experience within a large complex corporate regulated environment
  • Familiarity with cybersecurity regulations and frameworks (e.g., NIST, CIS, GDPR)
  • Strong understanding of cybersecurity principles, threats, and risk management practices
  • Proficiency in security tools and technologies
  • Knowledge of data protection and privacy laws relevant to the organisation
  • Ability to work under pressure, prioritise and manage own workload with autonomy
  • Excellent analytical and problem-solving skills
  • Strong communication skills across all mediums
  • Ability to work collaboratively and build relationships with stakeholders at all levels
  • Proactive and able to manage multiple tasks in a fast paced environment