Security Governance & Risk Analyst
Dentsu is a modern marketing solutions company. Our mission is to help clients navigate, progress and thrive in a world of change. Businesses rely on our integrated network of agencies and specialized practices to champion meaningful progress through creative, media, commerce, data and technology. Part of Dentsu Group, our global network comprises 66,000 diverse people in 143 countries, who are dedicated to teaming for growth and good. Some of our award-winning agencies include 360i, Carat, dentsumcgarrybowen, DEG, dentsuX, iProspect and Merkle. Follow us on Twitter @DentsuUSA and visit dentsu.com/us.
We are champions for meaningful progress and we strive to be a force for good—for our people, for our clients, for the industry and for our society. We keep our people at the center, creating space for growth, understanding and learning so they can thrive. We embed diversity, in our mindset, in our solutions and in our teams to empower an inclusive, equitable and culturally fluent environment. Building this culture within our teams makes us better collaborators with each other and with our clients, driving better outcomes for all.
The purpose of this role is to work as part of the regional and global Cyber Security teams to deliver and maintain a security governance and risk program supporting certification initiatives, risk management, business continuity and exception processes for the Americas region. The role reports to the Regional Security Manager, Americas.
- Build positive stakeholder relationships in the region and globally
- Perform risk assessments utilizing dentsu’s information security risk management processes
- Participate in incident management, following appropriate policies and procedures. Perform "root cause” analysis for incidents to identify and remediate information security issues
- Report on the design and operation effectiveness of security controls
- Actively contribute to security training initiatives to increase employee awareness
- Evangelize a culture of Information Security awareness across the region
- Develop security metrics via reporting dashboards for regional and global stakeholders
- Perform internal audits measuring compliance with documented information security policies, standards and processes
- Maintain the information security improvement plan ensuring actions are completed by the agreed target dates
- Review internal processes and systems to ensure information confidentiality, integrity and availability
- Maintain a record of compliance obligations mapping the evidence required to demonstrate alignment
- Risk remediation to support dentsu’s ISO27001 certification project
- Support RFI/RFP response from an Information Security perspective
- Working knowledge of security practices, technologies, architectures, and philosophies in the Cyber/Information Security portfolio
- Ability to multi-task, prioritize, manage workload and adapt to changing business conditions
- Proactive, upbeat and collaborative communication style, with the ability to be direct, tactful, and transparent
- Ability to work effectively as part of a team
- Solid problem-solving skills. Ability to analyze problems and risk from multiple perspectives
- Comfortable with managing uncertainty, ambiguity, and change to make decisions and prioritize tasks
- Understanding of security risk analysis techniques
- Ability to explain technical complex concepts to non-technical audiences combined with excellent communication and organizational skills
- Is demonstrably self-motivated, pro-active, action orientated to achieve deadlines
- Proactive development of trending knowledge and skills within information security community
- Interest in their own personal development within security governance
- Experienced with IT assurance functions and auditing techniques (desirable)
- Understanding of network architecture, protocols and principles (desirable)
- Achieved or working towards an information security qualification (CISSP, CISM, CISA, CRISC – desirable)
- Comprehensive healthcare plans
- FTO and family leave
- Generous holiday schedule
Employees from diverse or underrepresented backgrounds encouraged to apply.
Dentsu (the "Company") is committed to a policy of Equal Employment Opportunity and will not discriminate against an applicant or employee of the Company, on the basis of age, sex, sexual orientation, race, color, creed, religion, ethnicity, national origin, alienage or citizenship, disability, marital status, veteran or military status, genetic information, or any other legally-recognized protected basis under federal, state or local laws, regulations or ordinances. Applicants with disabilities may be entitled to reasonable accommodation under the terms of the Americans with Disabilities Act and/or certain state or local laws. A reasonable accommodation is a change in the way things are normally done that will ensure an equal employment opportunity without imposing an undue hardship on the Company. Please contact [email protected] if you need assistance completing any forms or to otherwise participate in the application process or to request or discuss an accommodation in connection with a job at the Company to which you are applying.