Risk and Data Protection analyst

Our client is a fast-expanding, leading Fintech. The purpose of this role is to monitor and review the security state of their payment systems at all times.

As Risk and Data Protection Analyst, your responsibilities will include:

Monitoring, Configuration and Management of the Security Toolset

  • Conduct, manage and maintain ISO27001 and ISO22301 risk assessments
  • Conduct annual risk assessments to meet PCI-DSS requirements
  • Conduct, manage and maintain Technology-wide risk assessment
  • Liaise and agree Infosec risk remediation activity with stakeholders
  • Monitor control status in relation to risk
  • Produce regular ISO and PCI risk reports
  • Monitor and review risk scores and ensure compliance with corporate-wide risk assessment processes
  • Review and manage the Data Protection Policy and Process Suite
  • Ensure remains compliant with EU and UK Data Protection Legislation
  • Conduct and manage the Data Protection Impact Assessment
  • Ensure relevant Data Protection notifications are completed
  • Review other relevant Data Protection legislation to support GPS expansion
  • Produce regular reports regarding GDPR status
  • Update and maintain all policies regarding GDPR compliance
  • Review GDPR training for all staff and tailor to provide best value

Skills, Ability and Experience

  • Full understanding of the Information Security Risk Lifecycle
  • Experience of conducting Information Security Risk assessments
  • Experience of conducting ISO27001 Information Security Risk Assessments
  • Experience of conducting ISO22301 Risk Assessment
  • Experience with using Information Security Risk Assessment Tools is beneficial
  • Ability to communicate effectively in both written and verbal form with technical stakeholders and at varying levels within the organisation
  • Excellent organisational and interpersonal skills
  • Experience in the financial sector, preferably payments, is beneficial
  • High-level knowledge of PCI-DSS
  • Ability to work independently as well as within teams.
  • Working understanding of GDPR
  • Previous experience of:
    • Producing GDPR notifications
    • Conducting Data Protection Impact Assessments
    • Producing policies
  • Ability to write and review policy documents specifically for Data Protection requirements.

Type: Permanent

Start Date: ASAP

London/home £50-£60k plus excellent benefits