Mastercard

Certification and Assurance - Senior Security/Technology Risk Analyst

3w

London, GB · Full-time · £85,000 – £115,000

About this role

The Vocalink Control Office function seeks a Senior Technology Risk Analyst with Information Security knowledge to support the Certification and Assurance team within Vocalink Limited. The role supports Certifications, Certification Audits, and Assurance activities to retain certifications and deliver assurance requirements, including conducting control testing. It requires an understanding of security and technology controls and frameworks such as ISO27001, ISO22301, and PCI DSS.

Support preparation for annual certification audits and assess controls against security standards and obligations. Assist in managing certifications such as ISO27001 and PCI DSS, and assurance activities like ISAE3000. Prepare clear control testing documentation, conduct periodic testing, and collect evidence from Control Owners.

Maintain close relationships with Control and Process Owners, 1st Line teams, 2nd Line Security partners, and Internal Audit. Support the team Director in delivering the Certification and Assurance plan. Contribute to management information, dashboards, and thematic analysis for governance forums.

Support development of certification management, assurance, and control testing processes, standards, and methodologies. Adhere to control testing standards and provide input to streamline activities. Contribute to the maturity of the 3 Lines of Defence model.

Requirements

  • Understanding of security and technology controls and frameworks
  • Experience with at least one security standard such as ISO27001, ISO22301, PCI DSS, PCI PIN, Swift, or ISAE3000
  • Proven ability to analyse or implement information security controls to meet design, implementation, and operating effectiveness requirements
  • Knowledge of certification audits and assurance activities
  • Experience conducting control testing and documenting results
  • Familiarity with control testing methodologies

Responsibilities

  • Support the preparation for annual certification audits
  • Assess and validate controls and processes against security standards
  • Assist in managing certifications such as ISO27001 and PCI DSS
  • Evaluate compliance with internal policies, standards, regulatory requirements, and customer obligations
  • Prepare clear and accurate control testing documentation, including test procedures, results, and evidence
  • Support periodic testing of controls in line with a Control Testing Methodology
  • Collect control testing evidence from relevant Control Owners
  • Identify and document control deficiencies, escalating to the Manager and supporting remediation