IT Security Risk Analyst
IT Security Risk Analyst
Dunnes Stores is Ireland’s leading retailer positioned at the cutting edge of food and fashion retailing. We are Irish owned and operate over 130 stores across Ireland, Northern Ireland, and Spain, as well as a growing online store. We are expanding our service and product offering for our customers all the time.
The Dunnes Stores IT Security Team has overall responsibility for cyber security both physical IT assets and cloud based technologies across Dunnes Stores Group, as such it is an integral defence function within Dunnes Stores Ltd. The team is continuously assessing cyber risk to the business and developing appropriate detective and defensive capabilities.
We are looking for IT Security & Risk Analyst within our Information Security & Cyber Risk Management team, who preferable has previous experience from retail or a similarly fast paced distributed environment. Ideally we are looking for someone with experience in information security with a background in risk and/or IT network and infrastructure
This role will be a mixture of training & awareness for new and existing employees, new project implementation activities, analysis of current and emerging threats and co-ordination of the broader IT Risk management committee, including Security, Resilience & Stability themes.
- Work on ensuring colleagues and wider Dunnes employees are aware of and understand the threats, risks and responses to Cyber and IT risk matters, through a variety of training and awareness methods.
- Ensure all mandatory cyber and IT risk training is completed by Dunnes employees and that the methods used to raise awareness are engaging and effective.
- Assist where appropriate with the development of incident response plans, workflows, and Standard Operating Procedures and their onward training and embedding.
- Provide feedback and automate the common recurring tasks in Cyber threat and IT Risk.
- Be responsible to manage self, time and the tasks assigned.
- Regularly and promptly carry out the ticket management tasks.
- Run the security calls with third parties and develop KPIs / KRI’s around key risks in relation to Security, Resilience and Stability.
- Minute the meetings and present notes to the Head of IT Security in a timely manner.
- Adhere to strict change management process through the Change Advisory Board
- Create and review monthly reports with analysis along with the IT Management Risk Committee.
- Continuously assess current state of security training and awareness, recommending enhancements to the security process, procedures and policies.
- Document and maintain Dunnes Stores build documents, security procedures and processes.
- Stays up-to-date with emerging security threats including applicable regulatory security requirements.
- Communicate effectively with colleagues, management and third parties.
- Provide mentoring to other members of the IT & IT Security team.
- Understand the business and information risk context, and monitor, report and propose architectures and countermeasures to mitigate risks
- Attend team meetings as required and produce/distribute any InfoSec related material
- Day to day analysis of our abilities to resist, current and emerging threats
- To keep a technical industry awareness of security risks and exposures and proactively promote effective counter-measures
- To work cooperatively with the project teams when required and ensure that new project changes adhere to the security policies and infrastructure standards and integrate into existing procedures or refining them as appropriate
- Strong problem-solving skills, critical thinking, excellent analytical ability, strong judgment and the ability to deliver high performance and high levels of customer satisfaction in a matrix managed environment.
- Experience on SIEM technology, preferably on IBM QRadar
- Device Knowledge such as Firewall, IPS/IDS, Routers/Switches
- Security certifications (CISM/CISA) preferred
- Demonstrable experience of identifying information risks and the commensurate controls
- Excellent communication and presentation skills, both written and verbal
Education & Qualifications:
- Experience working in Security Operations Centre with a Security Incident & Event Management (SIEM) to identify & understand risks / threats.
- Proficient knowledge in incident prevention, detection and response tools
- Knowledge of network and server security products, technologies, and protocols
If this sounds like the job for you, please apply and tell us why you would be perfect for this challenging and rewarding role!
Dunnes Stores is an Equal Opportunities Employer