WHAT'S YOUR NEW ROLE ABOUT?
HERE’S SOME INFORMATION FOR YOU
Are you ready to take the challenge? Do you want to be amongst the first to be involved in new projects and initiatives across the largest sports broadcaster in the world? If so, the DAZN Technology Governance team is the place for you.
As the Information Security Risk Administrator, you will work with multiple teams to identify and assess their individual risk and control requirements. You will assist in the definition of the enterprise strategic vision and work to administer remediation controls throughout the business. Working in a pragmatic way, you will help deliver on the organization's technology strategy and continue to mature the IT Risk Management program.
HERE’S A BREAKDOWN OF WHAT YOU’LL DO (WELL, JUST THE MOST IMPORTANT STUFF)
Providing subject matter expertise within the area of Information Security Risk and Supplier Risk Management
Maintain standards and procedures in relation to information security risk and supplier risk management.
Facilitating the identification and assessment of risk within the organisation and documenting it accordingly in the Information Security Risk Register
Performing Supplier Risk Management activities
Ensure effective communication and awareness to the business in support of the risk assessment process.
It would also be fantastic if you had:
Past experience prepping, coordinating and hosting external audits (e.g. ISO 27001, PCI DSS, SOC).
A sound knowledge of business management and knowledge of common risk management frameworks like ISO 27005, ISO 31000, FAIR, IRAM 2, CIS RAM etc.
Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate strategic information security topics, policies and standards as well as risk-related concepts to technical and nontechnical audiences at various hierarchical levels.
An understanding of IT Infrastructure and Cloud Services
Experience interacting, presenting and working with C-level executives (CTO, CIO, etc.)
Professional security management certification strongly desirable, such as Certified Risk Information Security Control (CRISC), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other similar credentials
Experience with electronic risk management tools (e.g., OneTrust, ServiceNow GRC, MetricStream)
Exposure to privacy legislation and requirements
Most of all, we are looking for an independent thinker with a drive to make real change within an organisation – if you have the drive, we have the opportunity.