IT Security Specialist focusing on cyber defense within a family - owned company. Responsibilities include managing firewalls, monitoring threats, and implementing security solutions.
About the role
- IT Security & Controls Senior Analyst role focusing on security posture and compliance requirements. Guiding junior analysts and conducting risk assessments within the financial entity.
Responsibilities
- Collaborate at Group level (Ford Motor Company, Ford Motor Credit Company) to continually improve control documents.
- Advise Software Engineering teams on meeting their controls responsibilities.
- Conduct Security & Risk assessments of Third-party ICT service providers across FCE (IT due diligence reviews).
- Identify and report compliance gaps with relevant security regulations and industry standards (e.g., SOX, GDPR, DORA).
- Lead on remediation of complex IT Security & Controls related audit findings and control gaps.
- Conduct Security & Risk assessments of Third-party ICT service providers.
Requirements
- Degree in IT, Cybersecurity, or related field (minimum 2:2 or international equivalent).
- Experience in IT Security, with a strong controls mindset and background in system development or management.
- Familiarity with SOC 2 Type II, ISO 27001, or similar standards.
- Solid understanding of cybersecurity threats, controls, and incident response.
- Strong organizational, communication, and documentation skills.
- Ability to assess risks and develop practical security solutions.
- Certifications such as CRISC, CISM, CISSP, CISA (desirable).
- Knowledge of ICT regulations (e.g., DORA, SYSC8, BaFin) (desirable).
- Experience in financial services or regulated environments (desirable).
- Cloud security expertise (AWS, Azure, GCP) (desirable).
- Experience in security awareness and training (desirable).
Benefits
- The Company is committed to diversity and equality of opportunity for all and is opposed to any form of less favourable treatment or harassment on the grounds of race, religion or belief, sex, marriage and civil partnership, pregnancy and maternity, age, sexual orientation, gender reassignment or disability
- As part of our pre-employment checks process, successful candidates will be required to undergo a criminal record check. This will be conducted in line with the Rehabilitation of Offenders Act 1974 and applied only to unspent convictions.
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Junior Information Systems Security Engineer at AMERICAN SYSTEMS managing DoD cyber security. Collaborating on technical issues and supporting risk management framework compliance.
Information Systems Security Engineer assisting in cyber security requirements for DoD systems. Collaborating closely with customers and ensuring compliance with the DoD Risk Management Framework.
Staff Product Security Engineer driving security innovation while ensuring compliance with federal standards at DataRobot. Leading security engineering, automation, and customer engagement for federal customers.
Auszubildende(n) zur Fachkraft für Schutz und Sicherheit in Hamburg bei proSicherheit GmbH. Modernes Sicherheitsunternehmen mit Fokus auf Sicherheit und Vertrauensaufbau.
Security staff for proSicherheit performing access controls and ensuring compliance with safety standards. Involves reporting, patrolling, and handling emergencies in Hamburg area.
Cloud Security Architect responsible for strategic growth and development of Cloud Security solutions. Work with national clients on architecture and security concepts in Switzerland.
Cyber Security Engineer responsible for DevSecOps and security automation at a leading Swiss IT consulting firm. Engaging in security measures across industries with a focus on collaboration and technology.
Information Security Manager coordinates ISMS development and security measures for Megamaris GmbH. Responsible for risk analysis and security training across 12 subsidiaries.
Security GRC Manager managing audits and compliance programs at Salesforce. Overseeing cloud security compliance and collaborating across departments for risk management.