Information Risk and Security Analyst
Department: VFS Digital Solutions and IT Information Security
PURPOSE OF THE JOB
The Information Risk and Security Analyst evaluates the entire enterprise, specific scenarios, project plans, and third parties to discover information risks that should be considered in decision-making processes and/or remedied. The analyst can choose to use qualitative or quantitative methods during the evaluation based on the need and the party who will be reviewing the results.
He / She provides operational security support to VFS DS&IT by assisting with occasional incident handling as necessary, providing technical security guidance to solution and project teams, and administering the global security awareness training platform and program.
He / She is responsible for understanding various parts of the Volvo Financial Services (VFS) business so that all aspects can be taken into account during the risk evaluation process. He / She remains informed of current industry and security trends so that analysis results will be relevant and timely.
He / She delivers consistent risk reports that will be informative, useful and helpful to various stakeholders by developing and using report templates and creating output standards. He / She also recommends remedial activities to address risks that are discovered during the course of the evaluation.
He / She collaborates with compliance colleagues in IT, legal and risk teams to develop holistic views of risk issues throughout the organization and develop strategies for reducing them.
He / She works with various Volvo Group IT Risk and Security teams to provide feedback related to risk issues on behalf of VFS and its interests. He / She also receives statistics and reports from GIT R&S and from HCL that are used to develop metrics that are reported to senior executive management.
- Learn and understand the current VFS business and supporting environments
- Learn and understand VFS DS&IT operations and requirements
- Provide general information security support to markets in North and South America
- Assist with incident response as necessary in covered markets
- Support and provide security guidance to solution teams, both during solution development and during runtime
- Manage the solution vulnerability management program
- Incorporate principles found in the NIST Cybersecurity Framework throughout the enterprise
- Evaluate, select, deploy and manage a third-party risk management platform
- Conduct risk evaluations of internal platforms and applications, projects, and third-party vendors (business services, IT development, cloud service providers, etc.)
- Communicate and collaborate with other risk-related functions (Business Risk, Internal Control, Operational Control, Legal Compliance, IT Compliance, etc.) to develop an overall view of organizational information risk
- Develop long-term strategies for reducing overall enterprise information risk based on real-world risk analysis results
- Provide risk analysis results to steering committees, working groups, project teams, or any other stakeholder who would benefit from an objective view of the existing risks to corporate information
- Remain active in Volvo Group and VFS DS&IT security communities to stay abreast of changing standards
- Stay informed of current industry best practices in risk evaluation techniques
- Receive and interpret security metrics from Group IT Risk and Security and HCL and develop executive reports from them
- Minimum 5 - 7 years IT experience
- Minimum Bachelor’s degree
- Previous experience of security and risk audit and control. Suitably qualified in this area
- An excellent understanding of security and risk in IT
- Strong understanding of risk evaluation techniques, particularly with regard to the part that IT plays
- Ability to communicate effectively at all levels in the organization
Volvo Financial Services is the global financial solutions provider of the Volvo Group, supporting the Volvo Group brands with expert financial services. This includes providing customers and dealers with a full-range of offerings, such as financing, leasing, and insurance solutions. Our team of about 1,400 professionals are located in 45 countries worldwide. As a part of the Volvo Financial Services team, you will experience challenging assignments, gain international exposure, and interact with colleagues around the world in the Volvo Group.
We Participate in E-verify
Vi vill lära känna dig
Ett bekräftelsemail skickas till dig efter att du färdigställt din ansökan. Du kan uppdatera din profil även efter inskickad ansökan.
Om du blir kallad till en intervju informerar vi dig kring ansökningsprocessens samtliga delmoment såsom andra intervju, tester och referenstagning.
Samtliga kandidater blir informerade när den sökta tjänsten är tillsatt. Du kan välja ifall du önskar behålla ditt CV i vår databas för att få förslag på andra jobb som matchar din profil.
Vid anställningsstart genomgår du en introduktion som syftar till att på kort tid få dig att bli en del av ditt nya team samt börja kunna genomföra dina nya arbetsuppgifter på bästa möjliga sätt.