Cyber Risk Assurance Analyst

Cyber Risk Assurance Analyst

Luton/Hybrid

Company

When it comes to innovation and achievement there are few organisations with a better track record. Join us and you’ll be able to play a big part in the success of our highly successful, fast-paced business that opens up Europe so that people can exercise their get-up-and-go. With almost 300 aircraft flying over 1,000 routes to more than 32 countries, we’re the UK’s largest airline, the fourth largest in Europe and the tenth largest in the world. Set to fly more than 90 million passengers this year, we employ over 10,000 people. Its big-scale stuff and we’re still growing.

Team

The role situated in a team of cyber security professionals and working closely with the wider business to ensure that the principles of Digital Safety are as engrained as Aircraft Safety. This means close alignment to Operational, Commercial along with Regulatory and Audit functions. The role requires working closely with the Senior Digital Safety Risk Manager, the Head of Digital Safety Assurance and the Technical Security and Business Partner functions to support the Digital Safety vision .

The Cyber Risk Assurance Analyst role involves using data and analytical skills to identify, measure, and track cyber security risks within easyJet. This role requires collaboration with various business areas to gather the necessary information that enables the creation of informative risk reports, aiding decision making in the relevant forums supporting the Digital Safety Assurance team’s objectives and assists in shedding light on key areas pertaining to our regulatory compliance and control maturity.

Job Accountabilities

· Effectively leverage the Digital Safety risk framework to identify, analyse and manage cyber risk within easyJet, reflecting in-depth knowledge and experience.

· Actively engage with numerous functions, from technical IT to business facing functions, to gather a comprehensive range of risk-related information to demonstrate broad organisational understanding.

· Apply the Digital Safety assurance processes to accurately identify and register risks, demonstrating strategic initiative and proactively. to perceive and register risks.

· Collaborate with the IT Quality and Risk function to identify significant areas of IT risk in the context of Digital Safety risks, demonstrating strong cross-functional teamwork.

· Report to senior management via appropriate forums on risk and assurance findings and risk treatment plans;

· Present and articulate findings at risk forums to facilitate the management of identified risks, showcasing nuanced understanding and strong communication skills;

· Maintain and update knowledge of the current threat landscape and evaluate its impact on the likelihood of risk events occurring, reflecting a commitment to knowledge development.

· Provide education, guidance and mentorship to colleagues outside of Risk and Assurance on the use of the risk methodology, fostering a companywide understanding of risk management and reporting.

Supporting Risk and Assurance:

· Tracking, management and reporting of risk, control and deviation remediation activities,

· Facilitate in the preparation of material for internal or external auditors,

· Preside over meetings, ensuring key decisions and discussions are minuted and action logs are maintained for future reference.

· Provide strategic support to the Digital Safety Risk and Assurance team to identify and capture gaps and information concerning our data governance framework.

· Responsible for updating the risk register of information assets with risks associated with each asset.

· Maintain the risk register of exceptions, assess and record the risk associated with any exceptions.

· Collating information from the control and information asset registers to provide internal compliance reports.

Key Business Skills Required

· Has appropriate communication skills for effective dialogue with customers, suppliers and partners.

· Is able to work in a team. Is able to plan, schedule and monitor own work within short time horizons. Demonstrates a rational and organised approach to work.

· Is fully aware of and complies with essential organisational security practices expected of the individual.

· Analytical mind-set.

· Motivation to develop and maintain subject matter expertise.

· Ability to work to deadlines, prioritize and multi-task

· Ability to manage own workload and meeting schedule

· Basic Report writing.

· Ability to absorb and learn technical information and communicate this in a way that is easy to understand

Desirable Skills/Experience

· Ideally previous work in a cyber / information security compliance role that has required a general broad understanding of controls. However business experience gained in a similar role combined with relevant information security / cyber security education would also be appropriate.

· Experience in a similar information security role or other business roles where risk management formed part of the role’s responsibilities .

Ideal Qualifications

Information Security or Risk Management industry relevant qualifications and awareness

What you’ll get in return

· Competitive base salary

· Up to 20% bonus

· 25 days holiday

· BAYE, SAYE & Performance share schemes

· 7% pension

· Life Insurance

· Work Away Scheme

· Flexible benefits package

· Excellent staff travel benefits

About easyJet At easyJet our aim is to make low-cost travel easy – connecting people to what they value using Europe’s best airline network, great value fares, and friendly service.

It takes a real team effort to carry over 90 million passengers a year across 35 countries. Whether you’re working as part of our front-line operations or in our corporate functions, you’ll find people that are positive, inclusive, ready to take on a challenge, and that have your back. We call that our ‘Orange Spirit’, and we hope you’ll share that too .

Apply

Complete your application on our careers site.

We encourage individuality, empower our people to seize the initiative, and never stop learning. We see people first and foremost for their performance and potential and we are committed to building a diverse and inclusive organisation that supports the needs of all. As such we will make reasonable adjustments at interview through to employment for our candidates.