Associate Security Analyst

dunnhumby is the global leader in Customer Data Science, partnering with the world’s most ambitious retailers and brands to put the customer at the heart of every decision. We combine deep insight, advanced technology, and close collaboration to help our clients grow, innovate, and deliver measurable value for their customers. 

dunnhumby employs nearly 2,500 experts in offices throughout Europe, Asia, Africa, and the Americas working for transformative, iconic brands such as Tesco, Coca-Cola, Nestlé, Unilever and Metro.

 

 

The audit and assurance analyst will be responsible for supporting the audit and assurance Lead in responding to the ad hoc requests for information as well as planning and preparing for scheduled audits. They will be required to maintain the repository of responses and ensure that it is kept relevant. A key part of the role will be to assist in implementing and maintaining improvements and efficiency of our external audit involvements.

Key accountabilities:

• Maintain the Repository of Responses by developing and managing the review schedule for the various controls within the Repository

• Collaborate with the various Legal, Client, Technology and Security teams to obtain information and evidence in response to requests for information and audits

• Ensure that evidence is catalogued and captured within the repository where appropriate

• Collaborate with colleagues in Security Operations and Threat Intelligence teams to support any security incidents and inquiries originating from or affecting clients

• Coordinating and tracking remediation of identified control gaps and audit findings

• Contributing to the identification and development of improvements to the client assurance and audit processes.

• Assisting with the development and generation of performance metrics against SLAs

 

Qualifications & Experience

Desirable:

• Strong knowledge of various security frameworks (NIST, ISO27001)

• Strong reporting ability, with an understanding on how to tailor reports to different audiences

• Experience working as part of an audit team

• Professional certification, such as CISSP, CISA, CISM, ISO27001, etc Essential • BSc in any field as well as 2+ years of relevant experience within GRC (or 5+ years of experience without BSc)

• Strong attention to detail and methodical approach to working

• Strong ability to take initiative and self-organise

• All-rounder knowledge of information security controls and processes

• Proven track recording in stakeholder management

• Customer / client facing roles and experience

 

 

 

What you can expect from us

We won’t just meet your expectations. We’ll defy them. So you’ll enjoy the comprehensive rewards package you’d expect from a leading technology company. But also, a degree of personal flexibility you might not expect.  Plus, thoughtful perks, like flexible working hours and your birthday off.

You’ll also benefit from an investment in cutting-edge technology that reflects our global ambition. But with a nimble, small-business feel that gives you the freedom to play, experiment and learn.

And we don’t just talk about diversity and inclusion. We live it every day – with thriving networks including dh Gender Equality Network, dh Proud, dh Family, dh One, dh Enabled and dh Thrive as the living proof.  We want everyone to have the opportunity to shine and perform at your best throughout our recruitment process. Please let us know how we can make this process work best for you. 

Our approach to Flexible Working

At dunnhumby, we value and respect difference and are committed to building an inclusive culture by creating an environment where you can balance a successful career with your commitments and interests outside of work.

We believe that you will do your best at work if you have a work / life balance. Some roles lend themselves to flexible options more than others, so if this is important to you please raise this with your recruiter, as we are open to discussing agile working opportunities during the hiring process.

For further information about how we collect and use your personal information please see our Privacy Notice which can be found (here)