Associate Security Analyst

dunnhumby is the global leader in Customer Data Science, empowering businesses everywhere to compete and thrive in the modern data-driven economy. We always put the Customer First.

Our mission: to enable businesses to grow and reimagine themselves by becoming advocates and champions for their Customers. With deep heritage and expertise in retail – one of the world’s most competitive markets, with a deluge of multi-dimensional data – dunnhumby today enables businesses all over the world, across industries, to be Customer First.

dunnhumby employs nearly 2,500 experts in offices throughout Europe, Asia, Africa, and the Americas working for transformative, iconic brands such as Tesco, Coca-Cola, Meijer, Procter & Gamble and Metro.

The Client Assurance Analyst will be responsible for supporting the Client Assurance Lead in responding to the ad hoc requests for information as well as planning and preparing for scheduled audits. They will be required to maintain the repository of responses and ensure that it is kept relevant. A key part of the role will be to assist in implementing and maintaining improvements and efficiency of our external audit involvements.

Key accountabilities:

• Maintain the Repository of Responses by developing and managing the review schedule for the various controls within the Repository

• Collaborate with the various Legal, Client, Technology and Security teams to obtain information and evidence in response to requests for information and audits

• Ensure that evidence is catalogued and captured within the repository where appropriate

• Collaborate with colleagues in Security Operations and Threat Intelligence teams to support any security incidents and inquiries originating from or affecting clients

• Coordinating and tracking remediation of identified control gaps and audit findings

• Contributing to the identification and development of improvements to the client assurance and audit processes.

• Assisting with the development and generation of performance metrics against SLAs

Qualifications & Experience

Desirable

• Strong knowledge of various security frameworks (NIST, ISO27001)

• Strong reporting ability, with an understanding on how to tailor reports to different audiences

• Experience working as part of an audit team

• Professional certification, such as CISSP, CISA, CISM, ISO27001, etc Essential • BSc in any field as well as 2+ years of relevant experience within GRC (or 5+ years of experience without BSc)

• Strong attention to detail and methodical approach to working

• Strong ability to take initiative and self-organise

• All-rounder knowledge of information security controls and processes

• Proven track recording in stakeholder management

• Customer / client facing roles and experience

What you can expect from us

We won’t just meet your expectations. We’ll defy them. So you’ll enjoy the comprehensive rewards package you’d expect from a leading technology company. But also, a degree of personal flexibility you might not expect.  Plus, thoughtful perks, like flexible working hours and your birthday off.

You’ll also benefit from an investment in cutting-edge technology that reflects our global ambition. But with a nimble, small-business feel that gives you the freedom to play, experiment and learn.

And we don’t just talk about diversity and inclusion. We live it every day – with thriving networks including dh Gender Equality Network, dh Proud, dh Family, dh One and dh Thrive as the living proof. Everyone’s invited.

Our approach to Flexible Working

At dunnhumby, we value and respect difference and are committed to building an inclusive culture by creating an environment where you can balance a successful career with your commitments and interests outside of work.

We believe that you will do your best at work if you have a work / life balance. Some roles lend themselves to flexible options more than others, so if this is important to you please raise this with your recruiter, as we are open to discussing agile working opportunities during the hiring process.

For further information about how we collect and use your personal information please see our Privacy Notice which can be found (here)