Job Title: Risk & Assurance Specialist (15545)
Location: Luton/Hybrid
Team: Cyber Security Professionals
Job Purpose:
The Risk & Assurance Specialist is responsible for delivering our risk management framework through identifying, capturing, and measuring cyber security risks within easyJet. This role encompasses working with multiple diverse business areas to capture the relevant information that results in the representation of well-defined risk information to support informed decisions in relevant forums.
This role supports the overall Digital Safety Assurance team’s objectives and provides visibility of key information relating to our regulatory compliance or control maturity.
What You’ll Need to Do the Job:
* Operate the Digital Safety risk framework to assess and record cyber risk within easyJet.
* Work with multiple functions ranging from technical IT to business-facing functions to capture the full spectrum of related risk information.
* Operate the digital safety supplier assurance process to understand and capture risks related to our supply chain.
* Identify and capture potential gaps in our regulatory compliance environment and work with the Digital Safety Compliance Manager and the Data Protection team to resolve.
* Identify and capture information relating to our Data Governance framework and work with the Digital Safety Data Management Manager to resolve.
* Work with the IT Quality and Risk function to align on the IT risk relevant areas when dealing with Digital Safety risks.
* Present findings at relevant risk forums to support the treatment of identified risks.
* Provide training and advice to colleagues in the Cyber Governance, Compliance, Assurance and Risk team, the wider LC&R team, and other departments on the use of the risk methodology to encourage consistent risk measurement and reporting across the company.
* Update the risk register of information assets with risks associated with each asset.
* Maintain the risk register of exceptions, assess, and record the risk associated with any exceptions.
* Develop and maintain bow-tie models of key risks which tie in with other team members’ measurements of control effectiveness.
* Model statistical risk models based on risk models (e.g., Monte Carlo analysis).
* Maintain up-to-date awareness of the threat landscape and how it affects the probability of risk events occurring.
Requirements of the Role:
* Plans, schedules, and monitors own work (and that of others where applicable) competently within limited deadlines and according to relevant legislation, standards, and procedures.
* Contributes fully to the work of teams and appreciates how own role relates to other roles and to the business of the employer or client.
* Demonstrates an analytical and systematic approach to issue resolution.
* Takes the initiative in identifying and negotiating appropriate personal development opportunities.
* Understands how own role impacts security and demonstrates routine security practice and knowledge required for own work.
* Previously worked in a similar information security role and other complementary business roles where the management of some type of risk (e.g., product, project) formed part of the role’s responsibilities.
Ideal Qualifications:
* CRISC or similar (e.g., Institute of Risk Management).
* CISSP, COMPTIA Security +, or other security qualification relevant to Information Security or industry.
What You’ll Get in Return:
* Competitive base salary.
* Up to 20% bonus.
* BAYE, SAYE & Performance share schemes.
* Flexible benefits package.
* Excellent staff travel benefits.
About easyJet: At easyJet, our aim is to make low-cost travel easy – connecting people to what they value using Europe’s best airline network, great value fares, and friendly service. It takes a real team effort to carry over 90 million passengers a year across 35 countries. Whether you’re working as part of our front-line operations or in our corporate functions, you’ll find people that are positive, inclusive, ready to take on a challenge, and that have your back. We call that our ‘Orange Spirit’, and we hope you’ll share that too.
Apply: Complete your application on our careers site. We encourage individuality, empower our people to seize the initiative, and never stop learning. We see people first and foremost for their performance and potential and we are committed to building a diverse and inclusive organisation that supports the needs of all. As such we will make reasonable adjustments at interview through to employment for our candidates.
#J-18808-Ljbffr