This position is responsible for leading efforts to analyse, define, implement, and support complex solutions that meet business needs in areas of cyber security governance, risk management, compliance, and security awareness, training and education. Senior Functional Analyst performs as an expert at driving cyber GRCS efforts by facilitating requirements analysis and design activities that will meet the business and ITS department needs and requirements. The role ensures that all information technology investments are clearly aligned with the priorities of the business.
Key responsibilities include:
- Leads the efforts as required for all global IT security policy and awareness efforts, IT risk assessments, regulatory compliance and support of IT audits
- Drives awareness of risk and appropriate measures to manage risk across the business
- Supports junior members of GRCS team in resolvent of complex demands and tasks, and supports their development
- Assist to cyber GRCS team Leader in information security policies and standards annual reviews and updates
- Support the formal IT security risk analysis and self-assessment program
- Perform assessments of the IT security/risk posture within the IT network, systems and software applications
- Identify opportunities to reduce risk and document remediation options regarding acceptance or mitigation of risk scenarios
- Work with the rest of the global security and compliance team to identify and resolve security and risk gaps in the security program
- Contribute Cyber GRCS team to conduct and manage an ongoing company-wide cyber phishing training program
- Contribute GRCS effort to partner with Corporate Communications to effectively convey Awareness messages to employees and contractors
Knowledge and experience required:
- Degree (BS or MS) in computer science/engineering, cybersecurity or related field
- 5+ years’ experience in development, coordination of IT security policy, risk management, compliance and awareness efforts within a global corporation
- Fluency in English language
- Professional certifications CISSP, CRISC, CISM, CISA, SANS SEC 401
- Very good understanding of IT security, risk management and governance standards including NIST, COBIT, ISO 27001
- Understanding of security requirements of Sarbanes-Oxley and Data Privacy laws (desirable)
- Very good understanding of security requirements for Cloud environment (e.g. Cloud Security Alliance)
- Fluency in English and strong written and verbal communications skills
Ball Corporation is an Equal Opportunity Employer. We actively encourage applications from everybody, regardless of gender, age, ethnicity, faith, ability, or orientation.
When you join Ball you belong to a team of over 22,000 members worldwide. Our products range from infinitely recyclable aluminum cans, cups, and aerosol bottles, to aerospace solutions that enable our customers to have a deeper understanding of our planet and the universe.
Each of us has a deep commitment to diversity and inclusion which is the foundation of our culture of belonging. Everyone at Ball is making a difference by doing what we love. Because what we create may change, but what we will always make is a difference.
Please note the advertised job title might vary from the job title on the contract due to local job title structure and global HR systems.
No agencies please.