Risk and Data Protection Manager

Mentmore is currently recruiting for a Risk and Data Protection Analyst for our client, a leading fintech organisation who are undertaking large transformation programmes. They are looking to bring on board an experienced Risk and Data Protection Analyst with extensive experience of ISO27001 and ISO22301 risk assessments, PCI-DSS and GDPR.

Key responsibilities:

  • Conduct, manage and maintain ISO27001 and ISO22301 risk assessments.
  • Ensure the annual risk assessments meet PCI-DSS requirements.
  • Manage and maintain the technology-wide risk assessment.
  • Produce regular ISO and PCI risk reports.
  • Monitor, configure and manage the organisation's security toolset.
  • Liaise with stakeholders and agree Infosec risk remediation activity
  • Monitor and review risk scores and ensure compliance with corporate-wide risk assessment processes
  • Cloud technologies
  • Review and manage the company's Data Protection Policy and Process Suite
  • Ensure the company remains compliant with EU and UK Data Protection Legislation
  • Ensure data protection notifications are completed
  • GDPR compliance, GDPR status reports and support with Data Protection.
  • Write and review policy documents for data protection
  • Excellent verbal and written communication skills, with good senior-level stakeholder management soft skills and competencies.

Required skills:

  • Full understanding of the Information Security Risk Lifecycle
  • Experience of conducting ISO27001 and ISO22301 Information Security Risk Assessments
  • Excellent experience of using Information Security Risk Assessment Tools
  • Extensive knowledge of PCI-DSS
  • Good working understanding of GDPR notifications, compliance and status reports.
  • Background: Finance, banking or insurance would be a plus.
  • Compensation: £55 - £60k
  • Location: Central London
  • Schedule: permanent