AMVETS Jobs

Introduction

Job Title: Cyber Security Analyst (Security Awareness focus)

The Economist Group is the leading source of analysis on international business and world affairs. We deliver our information through a range of formats, from newspapers and magazines to conferences and electronic services.

The Information Security team operates the Information Security Program and is responsible for the standard of information security across the Group. We define and implement our security strategy and mitigation activities across our brands. We work with business units to ensure that the confidentiality, integrity and availability risks that they are exposed to are clearly understood and appropriately managed.

The Cyber Security Analyst is a member of the Information Security team and this role will be part of a larger team who are responsible for protecting the company from cyber attacks. This role will specialise in the culture and learning aspect of the team. You will be responsible for developing a security and education program to cultivate a program of security within the organisation to ensure that all personnel connected with the company know, understand and follow our security requirements and behave in a secure manner. You will also learn about our security platforms and how to handle security incidents.

Responsibilities :

• Ensure that our security awareness program meets all industry regulations, standards, and compliance requirements.

• Ensure that our security awareness program communicates our security policies and requirements so that people know, understand and can follow them.

• Identify the top human risks to our organisation and the behaviours we need to change to mitigate those risks. Develop and maintain a security awareness program that effectively changes these behaviours so our employees act in a secure manner, reducing the most risk to our organisation.

• Create engaging training materials including presentations, videos, newsletters, and online modules to promote awareness and understanding of cyber security principles.

• Create a positive program that engages employees, to include focusing on changing behaviours both at home and at work. Ultimately we want our employees to demonstrate the same secure behaviours regardless of where they are or the devices they are using.

• Structure and maintain this program to be long term, so ultimately we are not changing just behaviours but culture.

• Analyse and respond to emails reported as phishing.

• Create a metrics framework that can effectively measure these requirements.

• Respond to security-related queries from all parts of the Group, tailoring your response and advice depending on the scenario

• Stay informed about emerging cyber threats, industry trends, and regulatory requirements to ensure the relevance and accuracy of awareness materials and initiatives.

• Identify and communicate at all levels (evangelising) relevant security threats to the Group’s application platforms.

• Serve as a point of contact for employees seeking guidance or information related to cyber security issues, and provide timely and accurate support and advice.

• Assist with investigating security alerts.

• Participate in incident response, from discovery through to recovery, lessons learned and remediation

  Qualifications :

• Cyber Security-related certification

• Ability to form complex ‘communications / messages’ in a simple, clear and concise manner to the various communities within our organisation. This can include different cultures, nationalities, international locations and languages.

• Project management experience, the ability to plan, manage and maintain a complex, organisation wide program over the longer term.

• Display practical knowledge of different message distribution techniques to ensure end user communities understand and continually apply the required behavioural change necessary to reduce the ‘human factors’ risk.

• Ability to communicate with and coordinate the activities of others.

• Understanding of the concepts of information risks and the different elements that make up risk. In addition, have at a minimum a basic understanding of the different concepts of information security.

• Excellent analytical and problem-solving skills.

• Strong communication and collaboration skills.

• Ability to work independently and as part of a team.

  In addition, the following would be desirable but not essential:

• Technology qualification

• International work experience desirable

• Experience in the media and entertainment or another lightly regulated industry

• Experience with risk management, compliance, audit, business continuity or finance

Accountabilities

• Ensure that our security awareness program meets all industry regulations, standards, and compliance requirements.

• Ensure that our security awareness program communicates our security policies and requirements so that people know, understand and can follow them.

• Identify the top human risks to our organisation and the behaviours we need to change to mitigate those risks. Develop and maintain a security awareness program that effectively changes these behaviours so our employees act in a secure manner, reducing the most risk to our organisation.

• Create engaging training materials including presentations, videos, newsletters, and online modules to promote awareness and understanding of cyber security principles.

• Create a positive program that engages employees, to include focusing on changing behaviours both at home and at work. Ultimately we want our employees to demonstrate the same secure behaviours regardless of where they are or the devices they are using.

• Structure and maintain this program to be long term, so ultimately we are not changing just behaviours but culture.

• Analyse and respond to emails reported as phishing.

• Create a metrics framework that can effectively measure these requirements.

• Respond to security-related queries from all parts of the Group, tailoring your response and advice depending on the scenario

• Stay informed about emerging cyber threats, industry trends, and regulatory requirements to ensure the relevance and accuracy of awareness materials and initiatives.

• Identify and communicate at all levels (evangelising) relevant security threats to the Group’s application platforms.

• Serve as a point of contact for employees seeking guidance or information related to cyber security issues, and provide timely and accurate support and advice.

• Assist with investigating security alerts.

• Participate in incident response, from discovery through to recovery, lessons learned and remediation

Experience, skills and professional attributes

• Cyber Security-related certification

• Ability to form complex ‘communications / messages’ in a simple, clear and concise manner to the various communities within our organisation. This can include different cultures, nationalities, international locations and languages.

• Project management experience, the ability to plan, manage and maintain a complex, organisation wide program over the longer term.

• Display practical knowledge of different message distribution techniques to ensure end user communities understand and continually apply the required behavioural change necessary to reduce the ‘human factors’ risk.

• Ability to communicate with and coordinate the activities of others.

• Understanding of the concepts of information risks and the different elements that make up risk. In addition, have at a minimum a basic understanding of the different concepts of information security.

• Excellent analytical and problem-solving skills.

• Strong communication and collaboration skills.

• Ability to work independently and as part of a team.

  In addition, the following would be desirable but not essential:

• Technology qualification

• International work experience desirable

• Experience in the media and entertainment or another lightly regulated industry

• Experience with risk management, compliance, audit, business continuity or finance

Job LocationsIndia-HR-Gurugram

ID 2024-9995

Function Technology