EHS&S Specialist managing compliance and data systems for global animal - health services. Ensuring EHS standards and documentation across North America locations with hybrid work model.
About the role
- Senior Security Analyst supporting Certification and Assurance at Mastercard. Managing certifications and conducting control testing against various security standards and frameworks.
Responsibilities
- Support the preparation for annual certification audits.
- Support the assessment and validation of controls and processes against a variety of security standards and obligations.
- Assist in managing certifications (e.g., ISO27001, PCI DSS) and assurance activities (e.g., ISAE3000).
- Evaluate compliance with internal policies, standards, regulatory requirements, and customer obligations.
- Prepare clear and accurate control testing documentation, including test procedures, results, and supporting evidence.
- Support periodic testing of controls in line with a Control Testing Methodology.
- Timely collection of control testing evidence from relevant Control Owners to support scheduled testing activities.
- Identify and document control deficiencies, ensuring timely escalation to the Manager and support remediation follow-up activities.
- Support the team Director in delivering the Certification and Assurance plan.
- Maintain close working relationships with Control and Process Owners and Operators to operate certificate maintenance and assurance activities efficiently and effectively.
- Work closely with 1st Line teams to obtain evidence, clarify processes, and ensure accurate testing outcomes.
- Liaise with 2nd Line Security partners and Internal Audit as directed, ensuring transparency and alignment with control testing activities.
- Contribute to the preparation of management information, dashboards, and thematic analysis for governance forums.
- Support control owners by providing observations on control effectiveness and contributing to discussions on remediation approaches.
- Support the development of certification management, assurance activities and control testing processes, standards, tools, and methodologies.
- Adhere to established control testing standards, procedures, and documentation requirements.
- Provide input on opportunities to streamline testing activities, improve efficiency, and enhance the consistency of outcomes.
- Contribute to the maturity of the 3 Lines of Defence model and promote a culture of proactive risk management.
- Stay informed on emerging risks, regulatory changes, certification changes and industry best practices with a focus on cybersecurity risks.
Requirements
- Experience of conducting security related audits/reviews
- Knowledge and experience of all areas of security
- Experience in control testing or assurance within security in a regulated environment
- Experience operating good practice security audit management and assurance processes
- Good investigative and analytical experience (e.g. enquiry, scanning, analysis, interviewing, testing), problem-solving, and decision-making skills
- Experience of working with control frameworks and standards (e.g. ISO27001, NIST, CRI, or PCI-DSS).
- Ability to assess control design and operating effectiveness in complex environments and to identify control gaps and improvement opportunities
- Good communication and stakeholder engagement skills.
- Professional certifications such as CISA, CISM, CISSP, PCI SSC ISA, CRISC, or equivalent is desirable.
- Bachelor’s degree in Computer Science, Cyber Security, Information Technology, or a related field.
- Good Knowledge of security controls and IT general controls across a variety of platforms and environments.
- Knowledge of security related control frameworks and standards.
- Proficiency in Microsoft Office Suite (MS Word, MS Excel, MS Access and MS PowerPoint)
Benefits
- Health insurance
- Flexible working hours
- Professional development
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Senior Manager, IAM Control Assurance supporting identity and access management compliance within a global financial organization. Collaborating with cross - functional teams for regulatory and audit compliance.
Senior Security Engineer focusing on application security for Relativity software products. Collaborating with teams to implement security best practices and address security vulnerabilities.
Senior Information Security Engineer designing and maintaining security solutions for Utica National Insurance Group. Collaborating across teams to defend against cyber threats and ensure compliance.
Program Manager driving strategic alignment and overseeing enterprise - wide transformation programs at St Vincent's Health Australia. Leading cross - functional teams and ensuring programs deliver value within scope and timelines.
Cloud Security Architect shaping security architecture for scalable cloud solutions at GRAYOAK. Collaborating with cross - functional teams to ensure secure software development and architecture.
Cloud Security Specialist ensuring the security of customer services and infrastructure in cloud platforms. Implementing monitoring tools and enhancing security policies for clients’ cloud environments.
Information Systems Security Officer for federal programs, managing security and compliance in IT. Assessing risks and delivering training to enhance cybersecurity practices.
Distinguished Engineer for AI & Product Security at Workday, driving security strategy for AI technologies and cloud - native applications. Leading security architecture and complex reviews across critical products.
Hands - on Security Engineer working across multiple layers for a cloud procurement platform. Ensuring security while developing automated workflows in a global team environment.