Information Security Analyst
Cepal Hellas Financial Services S.A., Greece

Job Mission

The Information Security Analyst will be responsible for supporting information security, cybersecurity and IT risk management based on industry-accepted information security and risk management frameworks. The individual will facilitate the development and maintenance of Company’s information security management system (ISMS).

Responsibilities

• Facilitates the continuous development, implementation and update of security policies, procedures and standards
• Performs assessments to ensure compliance with corporate information security policies and procedures/ standards
• Facilitates and monitors the implementation of corporate disaster recovery and business continuity strategy (BCP/DRP) and participates in the execution of the annual DRP/BCP tests
• Develops information security awareness material
• Ensures that corporate systems have adequate information security controls to ensure compliance with regulatory frameworks
• Participates in the design of new applications/ systems, to ensure information security-related requirements are met
• Performs physical security reviews to determine whether the existing or proposed company facilities are adequately protected
• Facilitates incident response, planning/ testing and investigation activities for incident handling, complaints received from authorities, customers, third parties
• Ensures the implementation of the required remediation actions arising from the findings identified from internal, external auditors, or regulatory bodies
• Monitors and manages daily information security tickets/ issues and prepares annual and quarterly Information Security Reports.
• Supports the development, implementation, and monitoring of a strategic, comprehensive enterprise information security and IT risk management program, under the supervision of the Information Security Manager
• Supports third party management activities (i.e., review of RFPs/ contracts/ SLAs/ NDAs, evaluate security level of third parties, etc.)

Requirements

Education, Skills and Experience

• Bachelor’s degree in business administration or a technology-related field required. Master’s in security field will be considered an asset
• Professional certifications such as CISSP, CISM, CISA, ISO27001 LI/LA will be considered an asset
• Up to three (3) years of related work experience in a combination of risk management, information security and IT
• Understanding of information security management frameworks, such as ISO/IEC 27001, NIST 800-53, etc.
• Understanding of laws and regulations including but not limited to GDPR, PCI DSS, etc.
• Experience with Cloud computing across virtualized environments
• Excellent verbal and written communication skills in English and Greek

Competencies

• Strong interpersonal skills and ability to effectively communicate at all levels
• Strong organizational skills
• Problem solving ability
• Strong analytical and research skills

Benefits

The company offers a competitive remuneration package and excellent career prospects within a stimulating and growing working environment.