Cyber Security - Cyber Compliance Analyst - BA

Life on the team

Operates the cyber compliance framework to ensure Computacenter is continually compliant to our cybersecurity obligations, helping us to achieve our business goals and build customer trust.

What you’ll do

Operate the Cyber Compliance Framework (~ 90%)

• Compliance Framework: operate processes and procedures as part of the Cyber Compliance framework.

• Cyber Controls Mapping: Update the mapping of our cybersecurity control catalogue between our cybersecurity certifications (such as ISO27001, TISAX, Cyber Essentials Plus), our cybersecurity framework (NIST CSF 2.0), and cyber-related regulations (such as NIS2 and DORA).

• Continual Controls Monitoring: Operate the continual controls monitoring process, using tools to collect and maintain evidence of compliance.

• Identify and address compliance gaps: Track and manage mitigation actions to resolve issues, close compliance gaps and implement new requirements.

• Support internal and external audits: Support in collecting evidence in preparation ahead internal and external audits.

Business Engagement and Collaboration (~10%)

• Work closely with BISOs and Lead BISOs to identify, assess and manage compliance requirements and controls across the business.

• Work with the relevant business stakeholders to identify and evaluate actions to improve compliance of controls.

• Working with the Cyber Framework function, provide feedback to ensure our policies and standards are compliant with our obligations.

• Work with the Security Management Office and GIS Performance Management to create timely and high-quality cyber compliance reporting

What you’ll need

• More than 6 years of professional experience in an Information Security / Cyber Security function in an international environment, Completed university degree.

• GIS operating model

• GIS adopted frameworks and processes including ITIL, SAFe, DevSecOps, etc.

Key Competencies (SFIA Codes and levels where applicable)

• Information security SCTY.

• Governance GOVN

• Risk management BURM

• Information assurance INAS

• Stakeholder relationship management RLMT

Key Technical Skills (SFIA Codes where applicable)

• Knowledge across cybersecurity domains.

• Security+ or equivalent certified.

• Cybersecurity frameworks including NIST CSF, NIST 800-53, Secure Controls Framework and CE+.

• Information security standards including GDPR, TISAX, SOC 2, ISO27001 and ISO27005.

.