Information Security GRC Specialist

Lets be #BrilliantTogether

Position Overview

In this role you will support the information security agenda for ISS STOXX playing a crucial part in securing the confidentiality integrity and availability of our information assets systems and services. As part of the Governance Risk and Compliance (GRC) team within the Information Security Office you will work closely with technology functions to identify areas of greatest risk and support initiatives to maintain the information security and technology risk profile within appetite. You will also interact with internal business customers and internal and external audit functions responsible for managing compliance testing of control requirements.

Responsibilities

• Assist in ensuring compliance with regulatory requirements and industry standards such as ISO 27001 GDPR and NIST.

• Support the design implementation and monitoring of policies procedures and controls for compliance and regulatory activities.

• Assist in creating reports metrics and dashboards to measure the effectiveness of security controls and communicate insights to stakeholders.

• Support the implementation and continuous improvement of the organizations Information Security Management System (ISMS).

• Collaborate with IT and business teams to integrate information security seamlessly into the system development lifecycle.

• Assist with monitoring maintaining and measuring compliance with industry standards certifications and internal controls.

• Support IT Vendor Security Application Security and Physical Security Assessment programs.

• Ensure accurate and timely reporting of security metrics and key risk indicators (KRIs).

• Perform vulnerability application scanning and coordinate penetration testing.

• Other duties as assigned to improve security posture within ISS STOXX.

Required Qualifications

• Bachelors degree in Computer Science Information Security or a related field.

• Experience establishing and monitoring information security controls.

• Knowledge of security frameworks and standards such as ISO 27001 SOC and SSAE is preferred.

• Experience writing supporting documentation and security policies.

Experience required

• Strong verbal and written communication skills with the ability to interact and coordinate effectively with clients and ISS STOXX personnel globally.

• Strong administrative skills including task development and time/resource management to meet deadlines.

• Proficiency in general computer applications including Microsoft Word PowerPoint and Outlook.

• Advanced proficiency in Microsoft Excel including:

  • Knowledge of complex formulas and functions such as VLOOKUP and logical functions.

  • Experience creating and modifying PivotTables and PivotCharts for detailed data analysis and visualization.

• Excellent analytical organizational and interpersonal skills.

• Proven process-oriented mindset with attention to detail and compliance focus.

#LI-TG1 #STOXX #ANALYST

What You Can Expect from Us

At ISS STOXX our people are our driving force. We are committed to building a culture that values diverse skills perspectives and experiences. We hire the best talent in our industry and empower them with the resources support and opportunities to growprofessionally and personally.

Together we foster an environment that fuels creativity drives innovation and shapes our future success.

Lets empower collaborate and inspire.

Lets be #BrilliantTogether.

About ISS STOXX

ISS STOXX GmbH is a leading provider of research and technology solutions for the financial market. Established in 1985 we offer top-notch benchmark and custom indices globally helping clients identify investment opportunities and manage portfolio risks. Our services cover corporate governance sustainability cyber risk and fund intelligence. Majority-owned by Deutsche Börse Group ISS STOXX has over 3400 professionals in 33 locations worldwide serving around 6400 clients including institutional investors and companies focused on ESG cyber and governance risk. Clients trust our expertise to make informed decisions for their stakeholders benefit.

Visit our website:

View additional open roles:

Institutional Shareholder Services (ISS) is committed to fostering cultivating and preserving a culture of diversity and inclusion. It is our policy to prohibit discrimination or harassment against any applicant or employee on the basis of race color ethnicity creed religion sex age height weight citizenship status national origin social origin sexual orientation gender identity or gender expression pregnancy status marital status familial status mental or physical disability veteran status military service or status genetic information or any other characteristic protected by law (referred to as protected status). All activities including but not limited to recruiting and hiring recruitment advertising promotions performance appraisals training job assignments compensation demotions transfers terminations (including layoffs) benefits and other terms conditions and privileges of employment are and will be administered on a non-discriminatory basis consistent with all applicable federal state and local requirements.