The Information Security Team at GiG is growing and the search has started for a new Junior Information Security GRC Analyst. The selected candidate will be responsible for supporting the implementation and maintenance of controls and processes required for GiG’s Information Security Management System (ISMS). This would include several areas such as assisting with policy management, promoting Information Security across the organisation, and liaising with the compliance team with regard to any regulatory requirements of a security nature.
What you will be doing:
- Assisting in the development and maintenance of the Group’s Information Security related policies, and procedures.
- Keeping the continual improvement of GiG’s ISMS at the forefront.
- Supporting the design and promotion of information security processes.
- Ensuring operational effectiveness by participating in regular audits.
- Contributing to the development of appropriate security KPIs, objectives and strategies, with the aim of improving the Group’s security posture and security maturity.
- Contributing to the security education, training and awareness framework, as well as promoting information security across the organisation.
- Participating in information security risk assessments.
- Reviewing the Group’s Security Risk Register
- Reviewing exception requests
- Keeping abreast of ISO27001, PCI DSS and other relevant compliance standards – including MGA and UKGC gaming regulatory requirements.
- Participating in regulatory audits and assisting GiG’s Legal and Compliance teams as required.
- Supporting the supplier onboarding assessment process as part of the procurement process.
- Regular reporting on the Group’s Information Security Posture
- Conduct periodic User Access Control Reviews
- Assist in maintaining GiG’s ISO 27001 certifications
- Assist in internal audits.
- A passion for Information Security.
- Bachelor’s degree in Information Systems, Computer Science or a relevant area.
- One year experience.
- A basic understanding of the igaming industry.
- A basic understanding of information security, and relevant concepts (deep technical knowledge is not required).
- An understanding of ISO27001 requirements.
What we offer:
- Hybrid Working Model
- International Health Insurance
- GiG Wellbeing Benefit (EUR 350)
- Career and Development Opportunities
- Coaching and Mentoring
- Birthday Leave
- Free Lunches at the office
- Free Parking
Last updated on Nov 14, 2023