CrawlJobs Logo

Risk & Information Security Associate Analyst

www-ap.albourne.com Logo

Albourne

Location Icon

Location:
Cyprus , Nicosia

Category Icon
Category:
IT - Administration

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

We are looking for a highly organized, detail-oriented Risk & Information Security Associate Analyst to support the Chief Information Security Officer and Organizational Risk Manager, who holds a dual role overseeing both domains. This is a unique opportunity for someone interested in developing foundational expertise in both information security and organizational risk management. The successful candidate will be expected to operate with a high degree of autonomy, as they will be working in a different time zone from the Chief Information Security Officer and Organizational Risk Manager. Strong self-management, initiative, and sound decision-making are essential. There will also be occasions where the candidate will be required to adjust their working hours to ensure sufficient overlap with the manager for collaboration, reporting, and alignment on priorities.

Job Responsibility:

  • Monitor and report on the effectiveness of information security controls
  • Support the identification, tracking, and resolution of security incidents or weaknesses
  • Assist in maintaining security metrics and dashboards for internal reporting
  • Contribute to the assessment of operational, technology, and third-party risks
  • Assist in evaluating controls and proposing mitigation strategies aligned with risk appetite
  • Participate in internal audits and control testing, ensuring timely remediation of findings
  • Help maintain and enforce security and risk management policies and procedures
  • Support compliance with relevant data protection, privacy, and information security regulations
  • Coordinate periodic user access reviews and assist with awareness initiatives
  • Work across departments to gather risk-related information and support secure business operations
  • Liaise with IT, Legal, HR, and other teams to identify and escalate potential security or risk issues
  • Serve as a point of contact for basic security and risk queries
  • Operate autonomously, managing daily responsibilities with minimal supervision
  • Adapt work hours as necessary to ensure overlap with the CISO and Organizational Risk Manager, located in a different time zone
  • Proactively communicate status updates, issues, or concerns as they arise
  • Stay updated on emerging risks, cybersecurity trends, and evolving regulatory landscapes
  • Contribute to the ongoing refinement of the company’s information security and risk frameworks
  • Recommend and implement process improvements to enhance risk posture and operational efficiency

Requirements:

  • 2–3 years of professional experience
  • Excellent organizational skills with the ability to manage multiple workstreams and meet deadlines in a dynamic environment
  • Strong written and verbal communication skills, including the ability to prepare concise, well-structured documents and interact professionally across all levels of the business
  • Meticulous attention to detail, particularly in preparing audit materials, compliance documentation, and reviewing access controls
  • Proactive and self-motivated, able to work independently and across time zones without direct daily supervision
  • Comfortable handling sensitive and confidential information with discretion
  • Interest in technology, cybersecurity, and enterprise risk
  • Basic understanding of information security principles and frameworks (e.g., ISO 27001, NIST)
  • Ability to interpret and work with structured information (e.g., policies, risk registers, audit plans)
  • Capable of coordinating inputs from multiple stakeholders and compiling them into coherent outputs (e.g., committee papers, training summaries, client DDQs)
  • Personable and confident when engaging with colleagues from across the business
  • Curious and intellectually agile – open to learning new tools, frameworks, and ways of working
  • Ethical and accountable – operates with integrity and takes responsibility for meeting commitments
  • Values-driven – appreciates the importance of a strong risk and security culture in a regulated business environment

Nice to have:

  • Experience in risk management, information security, compliance, IT governance, or related fields
  • Previous exposure to information security or operational risk audits
  • Understanding of third-party risk management
  • Awareness of current trends in AI and its applications in cybersecurity or risk mitigation
  • Familiarity with legal or regulatory requirements affecting information security and enterprise risk management
  • Prior experience drafting or maintaining policies and procedures
  • Familiarity with ISO 27001 and similar frameworks
What we offer:
  • Support for professional qualifications (such as CFA and CAIA)
  • Career growth and tools for ongoing learning and development
  • Medical insurance for you and your dependents
  • Provident fund
  • Yearly bonus dependent upon performance and company growth
  • Opportunity for international travel (i.e., short periods of secondment to other Albourne offices)
  • 5 additional service recognition holidays in surplus to standard annual leave
  • Albourne Training Days (minimum of 40 hours per year)
  • Free office parking
  • A supportive, diverse, and multi-cultural work environment
  • The freedom to work independently, solve problems, and creatively complete tasks within deadlines
  • Opportunities for career progression, both horizontally and vertically, once you’ve mastered your current role
  • An open-plan office with kitchen facilities and a communal entertainment area
  • Fun social activities to foster team bonding
  • Charity Day—an annual opportunity to work on a cause you’re passionate about
  • Company-wide support for fitness, mental health, and wellness, with sessions available for employees to engage in these activities

Additional Information:

Job Posted:
December 17, 2025

Employment Type:
Fulltime
Work Type:
On-site work
Icon
Albourne - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Risk & Information Security Associate Analyst

Senior Third-Party Security Risk Analyst

As a Senior Third-Party Security Risk Specialist at Ledger, you will play a vita...
Location
Location
France , Paris
Salary
Salary:
Not provided
https://www.ledger.com Logo
Ledger
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Master degree in Information Security, Cybersecurity, or a related field
  • 5+ years of progressive experience in third-party risk management, with a strong background in audit, risk management, compliance, or a related control function within a complex organization
  • Proven project management skills with the ability to manage complex, cross-functional projects and maintain comprehensive documentation
  • In-depth knowledge of security frameworks and standards (e.g., ISO 27001, NIST Cybersecurity Framework) and experience in applying them to third-party risk management and regulatory requirements
  • Excellent analytical and problem-solving skills with a focus on identifying root causes and developing effective solutions
  • Strong communication and interpersonal skills, including the ability to influence and negotiate with vendors and stakeholders at all levels
Job Responsibility
Job Responsibility
  • Conduct comprehensive security assessments of third-party vendors, including reviewing their security policies, procedures, and controls
  • Proactively identify and evaluate potential security/privacy risks associated with a particular focus on those that could impact Ledger's reputation, financial stability, and customer trust
  • Develop and implement risk mitigation strategies to address identified vulnerabilities
  • Lead the collaboration with vendors to remediate security gaps and ensure compliance with Ledger's stringent security requirements
  • Establish and maintain a robust vendor security monitoring program, driving continuous improvement in vendor security posture and compliance
  • Develop, implement, and continuously improve Ledger's third-party security risk management program, including policies, standards, procedures, and tools
  • Prepare reports and presentations on vendor security risks and mitigation efforts to senior management, stakeholders, and the Comex
  • Participate in audits as part of the Privacy audit program according to the agreed annual audit plan
What we offer
What we offer
  • Equity: Employees are the foundation of our success, and we award stock options so you can share in that success as we grow
  • Flexibility: A hybrid work policy
  • Social: Annual company outing for Ledgerdary Days, plus frequent social events, snacks and drinks
  • Medical: Comprehensive health insurance policy offering extensive medical, dental and vision care coverage
  • Well-being: Personal development, coaching & fitness with our dedicated partners
  • Vacation: Five weeks of paid leave per year, in addition to national holidays and rest & relaxation (RTT) days
  • High tech: Access to high performance office equipment and gadgets
  • Transport: Ledger reimburses part of your preferred means of transportation
  • Discounts: Employee discount on all our products
  • Fulltime
Read More
Arrow Right

Senior Third-Party Security Risk Analyst

As a Senior Third-Party Security Risk Specialist at Ledger, you will contribute ...
Location
Location
France , Paris
Salary
Salary:
Not provided
https://www.ledger.com Logo
Ledger
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Master degree in Information Security, Cybersecurity, or a related field
  • 5+ years of progressive experience in third-party risk management, with a strong background in audit, risk management, compliance, or a related control function within a complex organization
  • Proven project management skills with the ability to manage complex, cross-functional projects and maintain comprehensive documentation
  • In-depth knowledge of security frameworks and standards (e.g., ISO 27001, NIST Cybersecurity Framework) and experience in applying them to third-party risk management and regulatory requirements
  • Excellent analytical and problem-solving skills with a focus on identifying root causes and developing effective solutions
  • Strong communication and interpersonal skills, including the ability to influence and negotiate with vendors and stakeholders at all levels.
Job Responsibility
Job Responsibility
  • Conduct comprehensive security assessments of third-party vendors, including reviewing their security policies, procedures, and controls
  • Proactively identify and evaluate potential security/privacy risks associated with a particular focus on those that could impact Ledger's reputation, financial stability, and customer trust
  • Develop and implement risk mitigation strategies to address identified vulnerabilities
  • Lead the collaboration with vendors to remediate security gaps and ensure compliance with Ledger's stringent security requirements
  • Establish and maintain a robust vendor security monitoring program, driving continuous improvement in vendor security posture and compliance
  • Develop, implement, and continuously improve Ledger's third-party security risk management program, including policies, standards, procedures, and tools
  • Prepare reports and presentations on vendor security risks and mitigation efforts to senior management, stakeholders, and the Comex
  • Participate in audits as part of the Privacy audit program according to the agreed annual audit plan.
What we offer
What we offer
  • Equity: Employees are the foundation of our success, and we award stock options so you can share in that success as we grow
  • Flexibility: A hybrid work policy
  • Social: Annual company outing for Ledgerdary Days, plus frequent social events, snacks and drinks
  • Medical: Comprehensive health insurance policy offering extensive medical, dental and vision care coverage
  • Well-being: Personal development, coaching & fitness with our dedicated partners
  • Vacation: Five weeks of paid leave per year, in addition to national holidays and rest & relaxation (RTT) days
  • High tech: Access to high performance office equipment and gadgets
  • Transport: Ledger reimburses part of your preferred means of transportation
  • Discounts: Employee discount on all our products.
  • Fulltime
Read More
Arrow Right

Email Security Analyst

The Info Security Tech Sr Analyst is responsible for leading efforts to prevent,...
Location
Location
Singapore , Singapore
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Technical and analytical expertise and experience (preferred 3+ years’ Information Technology/ Cybersecurity experience)
  • Understanding of and demonstrated experience with the tools and sources available to conduct email and threat analysis
  • Cross-functional understanding of email operations, security practices and the user experience
  • Ability to organize and appropriately prioritize multiple, ongoing tasks via efficient time management and forecasting
  • Project management skills a plus
  • Ability to work independently, as well as in team situations, to help internal and external customers achieve desired results
  • Strong written and verbal communication and presentation skills
Job Responsibility
Job Responsibility
  • Actively monitor and research cyber threats with a direct or indirect impact to the Citi brand
  • Analyze and provide oversight of analysis of email threats and controls
  • Develop and manage processes to track identified incidents to resolution
  • Develop metrics and reports as needed
  • Triage information received from vendors and process that information through previously defined internal workflows
  • Manage meetings with internal stakeholders to address open issues and identify process improvements
  • Actively engage in liaison activities with intelligence communities, industry associations, peer institutions, and information sharing communities
  • Apply developed communication and diplomacy skills to guide and influence decision makers
  • Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients, and assets, by driving compliance with applicable laws, rules, and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing, and reporting control issues with transparency
  • Keep up to date with the ever-changing cyber security landscape to remain relevant and knowledgeable through internal and external certifications
  • Fulltime
Read More
Arrow Right

Security Analyst

As a Security Analyst, you will be a key player in our IT security team, focusin...
Location
Location
United States , Tallahassee
Salary
Salary:
Not provided
https://www.roberthalf.com Logo
Robert Half
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Lead the technical execution of security-related projects, focusing on system hardening and network security
  • Engage in effective communication and collaboration with various teams to meet specific security standards
  • Utilize your expertise in firewalls, Intrusion Detection Systems/Intrusion Prevention Systems (IDS/IPS), and encryption to ensure secure configurations
  • Conduct comprehensive vulnerability assessments and devise relevant remediation strategies
  • Manage security tools and provide support for incident response, ensuring the seamless integration of security platforms
  • Ensure strict adherence to Criminal Justice Information Services (CJIS) and State of Florida regulations
  • Work closely with Governance, Risk, and Compliance (GRC) teams to address audit gaps
  • Document and provide training on cybersecurity solutions and processes with a focus on CJIS and State regulations
  • Reengineer security processes for improved efficiency and compliance
  • Stay informed about emerging threats and technologies, providing support for cybersecurity issues
Job Responsibility
Job Responsibility
  • Lead the technical execution of security-related projects, focusing on system hardening and network security
  • Engage in effective communication and collaboration with various teams to meet specific security standards
  • Utilize your expertise in firewalls, Intrusion Detection Systems/Intrusion Prevention Systems (IDS/IPS), and encryption to ensure secure configurations
  • Conduct comprehensive vulnerability assessments and devise relevant remediation strategies
  • Manage security tools and provide support for incident response, ensuring the seamless integration of security platforms
  • Ensure strict adherence to Criminal Justice Information Services (CJIS) and State of Florida regulations
  • Work closely with Governance, Risk, and Compliance (GRC) teams to address audit gaps
  • Document and provide training on cybersecurity solutions and processes with a focus on CJIS and State regulations
  • Reengineer security processes for improved efficiency and compliance
  • Stay informed about emerging threats and technologies, providing support for cybersecurity issues
What we offer
What we offer
  • medical, vision, dental, and life and disability insurance
  • eligible to enroll in our company 401(k) plan
  • Fulltime
Read More
Arrow Right

Operational Due Diligence Associate Analyst

We are looking for an ODD Associate Analyst to help analyze, review, and monitor...
Location
Location
United States , Stamford
Salary
Salary:
75000.00 - 85000.00 USD / Year
www-ap.albourne.com Logo
Albourne
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Strong academic background (Degree or equivalent qualification)
  • 1-2 years relevant prior work experience, with knowledge or experience of one or some of the following areas - fund operations, fund administration, prime brokerage, audit, legal, compliance, technology & information security
  • Possession of professional qualifications (e.g. CAIA, CFA, ACA) or interest in obtaining relevant professional qualifications
  • High level of writing proficiency
  • Experience of report writing
  • Systems literacy (Microsoft Excel, Word, PowerPoint, Outlook, Co-Pilot)
  • Proactive self-starter, proficient time management and multi-tasking
  • Professional demeanor and strong interpersonal skills
  • Attention to detail
  • Ability to travel as required
Job Responsibility
Job Responsibility
  • Assist with evaluating assigned alternative investment funds and managers across all asset classes
  • Conduct with fellow Due Diligence Analysts onsite interviews with fund managers to discuss operational risks, internal controls and information systems, as well as verifying existence of assets
  • Deploy skills and experience to contribute to these meetings and to prepare clear and concise written notes to summarise the findings
  • Review and interpret financial statements, offering documents, and other fund literature
  • Upon that review and interpretation, produce research deliverables for clients within the scheduled deadline
  • Conduct reference checks with service providers for completion of the relevant reports
  • Liaise with clients and fund managers with respect to ODD inquiries
  • Assist with producing detailed written reports with an analysis of operational risk and internal controls
  • Ensure client deliverables are prepared, reviewed, and delivered on a timely and accurate basis
  • Ongoing monitoring of assigned funds and updating written reports to reflect changes to the operational risk for those funds
What we offer
What we offer
  • Comprehensive Compensation and Benefits Package
  • Fully paid Medical and Dental PPO
  • Fully paid Basic Life and AD&D
  • 401k & FSA
  • Hybrid work schedule
  • Everyday Wellness, weekly yoga and fitness
  • Free Gym Membership near the office
  • 30 days paid time off each year including Vacation and Holidays
  • Fulltime
Read More
Arrow Right

Identity and Access Management Analyst

The Identity and Access Management Analyst is responsible for fulfilling access ...
Location
Location
Philippines , City of Taguig
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree holder and minimum of 4+ years of experience in an Information Security role or related field with service delivery and customer relationship management
  • Complex application or system knowledge
  • Interprets the principle of Information Security concepts and policies and ability to apply into day-to-day work
  • Demonstrate an understanding of the risk associated with cyber security and the controls set in place to manage risk in identity and access management
  • Proven use of discretion and sound judgment on handling of information with subject to sensitivity
  • Flexibility to work in various shift to provide on-call, holiday and/or weekend support on a periodic frequency
  • Proven capability to work within a team, seeks the input of others and greets change with optimism, curiosity and resilience, ability to manage multiple priorities and adjust to evolving work needs
  • Understand and relates own goals to Citi, business' and teams', create SMART goals and demonstrate accountability to achieve them
  • Consistently demonstrate clear and concise written and verbal communication in the English language as well as sensitive to audience diversity
  • Strong analytical skills and proven ability to use (Citi) Lean methodology to identify process improvements
Job Responsibility
Job Responsibility
  • Fulfill access requests within a variety of banking applications and infrastructure systems
  • Manage user roles and access privileges within compliance of set information security policies and standards
  • Support operations including weekends and public holidays on a rotational basis, as well as assigned on-call emergency support
  • Handle all kinds complex requests and issues independently by having a good understanding of security administration processes, practices, and policies
  • Lead resolution of severity issue, identify root cause and come up with corrective action plan to prevent recurrence while providing update to relevant parties
  • Represent IAM Service Delivery in compliance calls and walkthroughs with audit
  • provide related audit deliverables in timely manner and ability to analyze and make the right judgment over accuracy, completeness, soundness of information being provided
  • Creates, maintains and performs annual review of Process Control Manual documents associated with specific systems assigned
  • Ensure completion of Marketplace requests, troubleshooting incident issues, closure of compliance-related action items and housekeeping tasks are done within operational and controls thresholds at an individual and team level
  • Understand Continuity of Business and supports its application to IAM processes by maintaining resources like process control document up-to-date, ISA accesses, etc. within applications in scope of support
  • Fulltime
Read More
Arrow Right

Senior GRC Analyst

We are seeking an experienced Senior Governance, Risk, and Compliance (GRC) Anal...
Location
Location
United States , Chapel Hill
Salary
Salary:
Not provided
blumeglobal.com Logo
Blume Global
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of hands-on experience in GRC, preferably with a focus on acquisition integration
  • Strong knowledge of regulatory compliance requirements, risk management frameworks, including ISO 27001, NIST
  • Experience with SOC1/2, GDPR, and privacy frameworks
  • Proficiency in information security tools, techniques, and controls
  • Experience with metrics and KPIs to measure and track information security risk
  • Ability to develop policies, standards, and guidelines
  • ISO27001:2022 Lead Implementer, and lead auditor certifications are a must
  • CISA, CISM, CISSP, or CRISC certifications are desirable
  • Experience with GRC tools, such as Vanta, Archer, ServiceNow Risk modules is highly desirable
  • Exposure to CMMC/FedRAMP is highly desirable
Job Responsibility
Job Responsibility
  • Acquisition Assessment: Collaborate with cross-functional teams to assess the GRC landscape of newly acquired companies, identifying gaps and alignment opportunities
  • Integration Planning: Develop comprehensive integration plans tailored to each acquisition, ensuring alignment with the company's overarching GRC strategy
  • Risk Management: Evaluate and mitigate risks associated with integration processes, working closely with risk management teams
  • Policy and Procedure Harmonization: Bridge gaps between existing practices and those of acquired entities, harmonizing policies, procedures, and controls
  • Communication and Stakeholder Management: Effectively communicate integration plans and progress, fostering strong relationships with key stakeholders
  • Reporting and Documentation: Maintain accurate documentation of integration activities and generate insightful reports for senior management
  • Continuous Improvement: Identify areas for improvement and drive enhancements to the integration process
  • Customer Security Questionnaire Support: Collaborate with various teams to ensure accurate and comprehensive responses to customer security questionnaires
Read More
Arrow Right

Information Security Compliance Analyst

At Optimizely, we're on a mission to help people unlock their digital potential....
Location
Location
Bangladesh , Dhaka
Salary
Salary:
Not provided
optimizely.com Logo
Optimizely
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience working in an Information Security role dealing specifically with governance, risk and compliance areas is preferred
  • Awareness of Information Security Compliance programs such as ISO27001, SOC2 & PCI
  • Ensure that information security control requirements are met from an operational perspective
  • The ability to identify risks, issues and vulnerabilities
  • The ability to work proactively, pragmatically and collaboratively in a fast-paced working environment, balancing multiple concurrent activities
  • Knowledge of responding to Customer related Information Security and Privacy due diligence requests
  • Experience working with contractual agreements within the Compliance area
  • Strong communication skills collaborating with internal teams, enjoy collaborating across departments
  • Calm presence under tight deadlines
  • Self-starter, consistent performer, professional, positive attitude
Job Responsibility
Job Responsibility
  • Help support operational and process driven components of our ISO27001/SOC2/PCI information security program
  • Help drive a program of continual service improvement to ensure ongoing maturity of the global information security program
  • Help support the commercial agreement process by reviewing and providing feedback from a Compliance perspective, escalating risks and concerns where necessary
  • Coordinate, contribute and complete Requests for Proposals (RFPs), Due Diligence Questionnaires (DDQs), Security Questionnaires as well as ad-hoc questionnaires/requests for prospects and existing customers
  • Help maintain and exand the information security and privacy customer response/knowledgebase platform to ensure all information is regularly reviewed, is up to date and relevant across the product portfolio and other related engagements
  • Develop a strong understanding of our Software Service business, and what the products offer
  • Ensure high quality customer facing content, contribute to complex projects individually as well as balancing priorities within the team
  • Identify, communicate and escalate risks associated with customer proposals as well as the information security/compliance program overall
  • Work closely with Compliance Team members, Subject Matter Experts and other stakeholders/internal customers across the business, where necessary
  • Develop knowledge of industry trends, competitive landscape to facilitate improved customer experience
What we offer
What we offer
  • Best-in-class compensation plans
  • Two annual festival bonuses
  • Recognition and rewards programs
  • Vacations days
  • Annual Work/Service Anniversary Leave
  • Parental leave (both maternity and paternity)
  • Health insurance
  • Reproductive benefits for both parents
  • Volunteering opportunities to make a difference
  • Chance to work alongside our incredible global team
Read More
Arrow Right
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Germany Jobs Ireland Jobs Poland Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
CrawlJobs Group
ITFlashcards AllDevBlogs
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy