Information Security Compliance Analyst
Sainsbury's
London, UK
Published 2 months ago
Compliance Management Systems / Technology
Job Description
In a nutshell
Play a crucial role in ensuring compliance with UK Corporate Governance regulations related to IT controls and Information Security. You will assess, monitor, and report on IT control requirements, collaborating closely with a range of stakeholders and their respective teams. Drive compliance framework reviews, gather evidence and seek out opportunities to improve and mature existing processes.
What you need to do
• Conduct security and IT Controls testing, including design and operating effectiveness testing
• Drive the assessment of security and IT control effectiveness across the business and raise appropriate risks
• Provide policy compliance of security and IT controls across the business
• Drive the compliance programme and produce reporting for the audit committee
• Assist in IT risk management and facilitate reviews of IT controls
• Produce reporting on identified compliance gaps and remediation activities
• Drive the adoption of appropriate process documentation and controls
• Support the creation of internal security compliance framework and policy
What you need to know and show
• Familiar with ITGC, NIST, and other relevant regulation
• Be able to proactively identify and own any issues and follow through to resolve them
• Critical thinking skills, ability to evaluate evidence and how it applies to controls
• Work collaboratively with a range of people to support the wider business agenda
• Be highly organised and able to coordinate expected outputs from different stakeholders
• Ability to prioritise their own workload and deliver quality results on time to budget
• Someone with the ability to think methodically and logically and communicate well using spoken and written word
• Certifications such as CISA are desirable but not essential
Support we will provide
• Your line manager will provide support and guidance
• Access to the ITGC, GRC, Data Governance and Infosec teams who have a wide array of skills and knowledge
• Extensive support and training materials available relating to NIST, IT General Controls, PCI and GDPR
• Other resources as required
Responsibilities
We'd all like amazing work to do, and real work-life balance. That's waiting for you at Sainsbury's. Corporate Services is made up of specialist teams, namely Legal, Information Security, Safety & Insurance, and Company Secretary & Share Management. While they're distinct areas, we all deal with risk. So that covers how we identify risk to the business, people, stakeholders and shareholders, how we assess and evaluate the impact of risks, and how we mitigate them or even accept them. What makes us different is that we have real exposure to other specialisms; we don't operate in a silo and can move laterally into other opportunities. We also have an amazing leadership team - which is 50% women - and a genuine passion for Sainsbury's as a brand and as a place to be. Which makes this a place where you should be.
Qualifications
We are committed to being a truly inclusive retailer so you'll be welcomed whoever you are and wherever you work. Around here, there's always the chance to try something new - whether that's as part of an evolving team or somewhere else across the business - and we take development seriously and promise to support you. We also recognise and celebrate colleagues when they go the extra mile and, where possible, offer flexible working. When you join our team, we'll also offer you an amazing range of benefits. Here are some of them:
Starting off with colleague discount, you'll be able to save 10% on your shopping online and instore at Sainsbury's, Argos, TU and Habitat, and we regularly increase the discount to 15% at points during the year. We've also got you covered for your future with our pensions scheme and life cover. You'll also be able to share in our success as you may be eligible for a performance-related bonus of up to 10% of salary, depending on how we perform.
Your wellbeing is important to us too. You'll receive an annual holiday allowance and you can buy up to an additional week's holiday. We also offer other benefits that will help your money go further such as season ticket loans, cycle to work scheme, health cash plans, salary advance (where you can access some of your pay before pay day) as well as access to a great range of discounts from hundreds of other retailers. And if you ever need it there is also an employee assistance programme.
Moments that matter are as important to us as they are to you which is why we give up to 26 weeks' pay for maternity or adoption leave and up to 4 weeks' pay for paternity leave.
Please see www.sainsburys.jobs for a range of our benefits (note, length of service and eligibility criteria may apply).