Assurance Analyst

Purpose of Role:

The Assurance Automation team guarantees robust security controls by continuously measuring and validating the effectiveness of controls and assumptions at scale. As an Analyst, you will establish and document security controls across the business, ensuring their relevance and effectiveness. You will develop and implement a controls maturity framework and manage test cases. Your role includes creating interactive dashboards in PowerBI, generating comprehensive reports, and analysing large datasets to identify trends. Additionally, you will manage external security assessments, translate findings into actionable tasks, and ensure timely remediation.

Specific Responsibilities:

• Define and Maintain Security Controls

• Establish and document security controls across five key security teams, ensuring relevance, effectiveness, and maintenance in the central platform.
• Help develop and implement a controls maturity framework to assess and enhance control effectiveness over time.
• Help develop, implement, and manage test cases for industry-standard frameworks, collaborating with cross-functional teams on testing strategies.
• Continuously refine testing processes and adopt new technologies to enhance security testing and assurance capabilities.

• Data Visualisation and Reporting

• Create interactive dashboards in PowerBI to visualize control performance and testing outcomes.
• Generate comprehensive reports summarizing test results, identified issues, and remediation progress.
• Analyse large datasets to identify trends, anomalies, and areas requiring attention.
• Ensure data integrity and accuracy in all visualization and reporting activities.
•  
  • Coordinate External Security Assessments
• Manage and coordinate external assessments to identify vulnerabilities in the organization's security posture.
• Proactively research and integrate novel testing approaches by analysing techniques utilized by testers.
• Translate findings from external security assessments into actionable tasks and remediation plans.
• Maintain the InfoSec findings log, ensuring all identified issues are documented, tracked, and addressed.
• Oversee the closure of assessment findings, working with relevant teams to ensure timely and effective remediation.

• Shared Responsibilities

• Execute relevant processes, while making proactive recommendations on ways to improve policies and processes.
• Draft your Objectives and Key Results (OKRs) on a quarterly basis and report on progress on an ongoing basis.
• Actively contribute to and create team documentation, facilitating knowledge sharing among the team and with other support groups.
• Assist with audits and reports by responding to requests and gathering evidence.  

Technical Competencies

• Assurance and Automation Competencies

• Experience testing or auditing security controls at scale.
• Understanding of core security assessments including Penetration Tests, Red Team and Purple Team.
• Experience with reporting and data visualisation tools such as PowerBI.
• Knowledge of Python is desirable  

• Core Competencies

• Grasp core security concepts.
• Identify, assess, and document security risks.
• Ability to write processes and general documentation.
• Maintain a services mindset, prioritizing customer service and user experience.
• Analyse and interpret security metrics.
• Commitment to continuous learning and staying current with security threats and trends.

Our Culture, Values and Benefits at Man

Man Group is proud to provide the best working environment possible for all of its employees, and we are committed to equal opportunities. At Man Group we believe that a diverse workforce is a critical factor in the success of our business and this is embedded in our culture and values. There are a number of external and internal initiatives, partnerships and programmes that help us to attract and develop talent from diverse backgrounds and that encourage inclusion and diversity across our firm and the industry. Man Group is a Signatory of the Women in Finance Charter and the Race at Work Charter.  Man Group is also a Disability Confident Committed employer; if you require help or information on reasonable adjustments as you apply for roles with us, please contact Peopleoperations@man.com.  https://www.man.com/diversity

Man Group supports many charities, and global initiatives. We support professional training and development, and requests for flexible or part-time working. Employees are also offered two 'Mankind' days of paid leave per year as part of the Man Charitable Trust's community volunteering programme.

We offer comprehensive, firm-wide employee benefits including competitive holiday entitlements, pension/401k, life and long-term disability coverage, group sick pay, enhanced parental leave and long-service leave.  Additional benefits are tailored to local markets and may include private medical coverage, discounted gym membership and wellbeing programmes.

Man Group is a Disability Confident Committed employer; if you require help or information on reasonable adjustments as you apply for roles with us, please contact Peopleoperations@man.com.