DirecciónDo you want to have an impact every day by making people safe - and bringing them peace of mind? Interested in being part of a dedicated, passionate team which believes that security is a human right?
Looking to join a company where innovation and technology are at the heart of its solutions?
What we look for
Highly motivated individuals with excellent problem-solving skills and the ability to prioritize shifting workloads. An effective communicator, you’ll be a confident team player with a genuine passion to make things happen in a dynamic organization.
If you’re ready to take on a wide range of responsibilities and are committed to seeking out new ways to make a difference, this role is for you.
Job purpose
We have one global role, Process Security Senior Risk Analyst, available in Madrid (Spain), Mälmo (Sweden) or Amsterdam (Netherlands).
Reporting to the Process Security Risk Team Lead, you will be responsible for supporting the governance, risks, and compliance program for technical operational controls.
Your role will also support the implementation of our organization’s strategies regarding Process Security controls by maintaining and developing new ways of doing things and creating business relationships transversally in Technology area and across the business units.
This role will be responsible for coordinating and performing assessment functions and control testing reporting and activities in accordance with Verisure Internal Controls, regulatory and departmental policies, and procedures.
This role updates and maintains our control frameworks but also is supposed to analyze and define business processes, workflows and models.
The position is expected to work with internal stakeholders and take a lead role in analyzed key risks, established regular dialogue between risk and control owners to identify areas for improvement and develop strategies to enhance security of these business processes.
This role will also play an important role in conducting research and analysis to identify trends, patterns and opportunities for Process Security improvement, as well as developing and implement process improvement plans and remediation actions.
Main Responsibilities
- Maintain and develop our risk control framework and processes that allow effective monitoring, management and mitigation aligned with business objectives associated to the operations of our organization and our technology
- Perform risk assessment and risk management activities across our organization and our vendors and drive standardization and centralization of control practices and ambassador central processes.
- Support to develop standards, procedures, policies and improve our positioning through process improvement, policy automation, and the continuous evolution of capabilities and our control framework.
- Document and report control failures and gaps to stakeholders.
- Provide remediation guidance and sometime drives projects to ensure deployment of mitigation actions or process improvements and prepare management reports to track remediation activities.
- Implement processes to automate and continuously monitor controls, exceptions, risks, testing across a range of data processing activities, functions, and entities.
- Develop reporting metrics, dashboards, and evidence artifacts.
- Perform and control the full audit cycle over controls effectiveness and compliance with all applicable directives and regulations.
Required Qualifications
Minimum qualifications
- Bachelor’s computer Information Systems or related discipline and 3 year of direct experience in risk management associated to the operations of an organization and its technology.
- A pragmatic approach developed through hard won experience working in GRC departments and direct experience supporting process to : Define, create and execute of risk control framework, not only internally but also for third-party and partners.
It is key also have experienced in documenting security procedures, policies, and standards.Perform assessments and conduct compliance and maturity assessments using international standards and best practices from various industries.
Ensure that all risks and non-conformities are actively managed, monitored, documented, and mitigated if possible. That means, support to analyze the root causes of operational exceptions as well as to assist in the development and completion of risk mitigation.
Define and tracking KPIs / KRIs and generating reporting adapted for different levels and stakeholders.Perform controls audits and executing remediation plans not only internally but also third party and partners and support the completion of business unit specific risk / control self-assessments.
Support the process of conducting BIAS and defining plans to ensure the continuity of the business in case of a disruption.
Work experience in a professional environment preferred, including : Demonstrated planning and problem-solving skills.
Thorough understanding of market structures, including relevant regulatory compliance requirements (SOC 2 , GDPR, etc.).Demonstrated experience working on activities related to process improvements.
Demonstrated experience translating functional requirements to small activities.Experience organizing and carrying out risk assessment and compliance projects.
Ability to successfully support audits (external and internal), compile evidence, and organize audit responses.Fluent written and verbal communication skills in English.Travel availability.
Preferred qualifications / Personal Characteristics
Relevant security certification like : ISO / IEC 27001 Lead Auditor e Implementer (Security Information Management) certification;
ISACA Certified Information Systems Auditor (CISA) certification; ISACA Certified in Risk and Information Systems Control (CRISC) certification.
- Proficient with MS Office, project management, and at least one GRC tool (recommended).
- Familiarity with auditing, monitoring, controlling, and process assessment frameworks.
- Familiar with current home security / smart home technologies, future developments and understanding of business models behind them.
