Technology & Security Risk Analyst

Key responsibilities Embedoursecurity risk management process within a newlyacquiredentity, creating the foundation forthe ongoing management of security risks for the entity. Support the alignment ofdentsu sglobaltechnology and security policies,controlsand ISO27001 standardwithinthe newlyacquiredentity. Work closely with stakeholders toidentify, assess,monitorand respond to security risks,in line withthe technology & security risk management framework and associated processes. Updatethe risk registerwithin our GRC platform,e.g.documentingagreedtreatment plans, adding regular progress updates,and escalatingdelays or blockers. Provideriskreportingto stakeholders and, whererequired, relevant forums, e.g.dentsu international marketsSecurity Risk Committee. Lead security issue management working groups withrelevantstakeholdersto assess risk issues and develop treatment plans. Provide analysis on key risk areas to drive security maturity and help shape future investment decisions. Understand the external security environment and emerging trends to support security risk management. Support the growth and adoption oftechnology and securityrisk management processes across dentsuinternational markets. What we re looking for 2-3 years of experience in technology and security governance and risk management within a medium or large-sized organization. General knowledge of all domains within security covering people, process and technology. Experience in stakeholder engagement and strong communication skills. Ability to explain technical complex concepts to non-technical audiences. A self-motivated, proactive, action-orientated approach to achieve deadlines. A collaborative mindset, working alongside others to achieve common objectives. Interest in personal development in the areas of governance, risk, compliance or security. Experience of security compliance initiatives within an enterprise technology environment such as ISO27001 (compulsory), NIST, CIS, PCI DSS, Cyber Essentials. Knowledge of security, technology and enterprise risk management frameworks (desirable). Experience with using industry-leading GRC platforms (desirable). Experience in using Microsoft Excel, PowerPoint, Forms, and PowerBi (desirable). Achieved or working towards an information security qualification (CISSP, CISM, CISA, CRISC) (desirable).