Mazars is an engine for rapid and consistent career progression, offering individually designed career paths that help you pursue your interests, match your changing needs, and explore your true potential. We work with diverse, prestigious clients across a range of sectors and geographies, giving you the opportunity to constantly update and grow your skills for lifelong professional development.
About the team
Our Information Security function is fundamental to enabling our firm to succeed. Working with innovative business partners and technology, they are responsible for designing, implementing, and managing security solutions to mitigate risk, ensuring the protection of sensitive data, systems, and applications. The team is embedded within the wider IT team, providing IT services to around 4,000 users, across 20 locations, based predominantly in the UK.
The Information Security Governance team collaborates closely with both business support teams and the firm's client facing service lines. The team will frequently engage with clients, suppliers, and other third-parties, supporting security assurance activities, compliance, risk management of suppliers, and maintenance of security certifications and accreditations.
The team develops and implements Information Security policies, procedures, and standards, and communicates them to all employees through the management of an extensive Information Security Awareness Program. They provide oversight of IT & Information Security controls and ensure integration with Enterprise Risk Management. They monitor and collate considered security metrics and manage robust reporting mechanisms, ensuring executive visibility of IT & Information Security risk.
About the role
1. The Information Security & Governance Analyst is a key role within our IT Security & Governance Team, working to protect Mazars' information, information systems and those of Mazars' clients. The responsibilities will include:
2. Supporting and managing the Third-Party Risk Management (TPRM) processes, reviewing supplier due diligence responses, maintaining the TPRM platform, engaging with critical suppliers to address remediation tasks, and developing review schedules.
3. Responding to inbound due diligence requests from clients, supporting our client facing teams and maintaining the associated tooling.
4. Supporting the maintenance of our ISO 27001 and CE+ certification.
5. Performing and coordinating risk and control assessments across IT and Information Security.
6. Maintaining the Control Review Schedule, identifying control gaps, supporting the development of remediation plans, and monitoring progress through the firms Risk Management Tool.
7. Supporting the design and implementation of Information Security Awareness Program.
8. Collating and reporting on key information security metrics such as KPI's, and KRI's, supporting wider Information Security reporting efforts.
What are we looking for?
9. This role is a fantastic opportunity for someone who may have recently completed their studies with only limited industry experience.
10. You should understand fundamental information security principles, concepts, and processes.
11. You should possess analytical skills to evaluate risks and support the identification of vulnerabilities.
12. You should have excellent verbal and written communication skills to effectively communicate with stakeholders.
13. You should be proactive, self-motivated, and highly professional, with strong stakeholder relationship skills.
About Mazars
Mazars is a leading international professional services firm delivering exceptional quality in audit, accounting, tax, financial advisory, outsourcing and consulting.
We are one diverse, multicultural, multi-generational team with a huge sense of connection and belonging. This is a place where you can take ownership of your career, get involved, believe in yourself and put your ideas into action.
At Mazars, we celebrate individuality and thrive on teamwork. We give people the freedom to make a personal contribution to our shared purpose. We support one another to deliver quality, create change and make an impact so that everyone can reach their full potential.
Being inclusive is core to our culture at Mazars; we want to ensure everyone, whether in the recruitment process or beyond is fully supported to be their unique self. To read more about our approach click here
Our aim is to make the recruitment process as accessible and inclusive as possible - please contact us to discuss any changes you may require so we can work with you to support you throughout your application.