IT Security & Controls Senior Analyst
Job Description
This role requires a blend of technical expertise, analytical skills, and a strong understanding of security principles, risk management frameworks and compliance regulations.
This is a leadership role demanding strong communication, analytical, and problem-solving skills, that would provide guidance and mentoring for Security & Controls Junior analysts.
Responsibilities
Security, Controls & Compliance:
Essential:
This position is based in Dunton, and it is expected the successful candidate will be able to attend the Dunton office for typically 4 days a week and remain flexible on the days they are required to attend the office according to business requirements.
As part of our pre-employment checks process, successful candidates will be required to undergo a criminal record check. This will be conducted in line with the Rehabilitation of Offenders Act 1974 and applied only to unspent convictions.
#FordCredit
This role requires a blend of technical expertise, analytical skills, and a strong understanding of security principles, risk management frameworks and compliance regulations.
This is a leadership role demanding strong communication, analytical, and problem-solving skills, that would provide guidance and mentoring for Security & Controls Junior analysts.
Responsibilities
Security, Controls & Compliance:
- Collaborate at Group level to enhance internal policies, standards, and controls.
- Advise Software Engineering teams on meeting compliance and control requirements.
- Conduct IT due diligence assessments of third-party ICT service providers to ensure alignment with leading information security standards.
- Identify and report gaps in compliance with key regulations (e.g., SOX, GDPR, DORA).
- Lead the remediation of complex audit findings and internal control issues, coordinating corrective actions and defining best practices.
- Develop and deliver awareness materials and contribute to reporting for senior risk and resilience committees.
- Represent the company at FS-ISAC events and other industry forums.
- Collaborate with global Ford Credit and FMC Cyber Defence teams to align strategies with FCE's needs.
- Monitor cybersecurity trends and innovations, identifying opportunities to strengthen our cyber defense posture.
- Attend external cybersecurity events and share key insights with internal stakeholders.
Essential:
- Degree in IT, Cybersecurity, or related field (minimum 2:2 or international equivalent).
- Experience in IT Security, with a strong controls mindset and background in system development or management.
- Familiarity with SOC 2 Type II, ISO 27001, or similar standards.
- Solid understanding of cybersecurity threats, controls, and incident response.
- Strong organizational, communication, and documentation skills.
- Ability to assess risks and develop practical security solutions.
- Certifications such as CRISC, CISM, CISSP, CISA.
- Knowledge of ICT regulations (e.g., DORA, SYSC8, BaFin).
- Experience in financial services or regulated environments.
- Cloud security expertise (AWS, Azure, GCP).
- Experience in security awareness and training.
This position is based in Dunton, and it is expected the successful candidate will be able to attend the Dunton office for typically 4 days a week and remain flexible on the days they are required to attend the office according to business requirements.
As part of our pre-employment checks process, successful candidates will be required to undergo a criminal record check. This will be conducted in line with the Rehabilitation of Offenders Act 1974 and applied only to unspent convictions.
#FordCredit