My client, a global insurance company, is seeking a Cloud Controls Analyst to join its Compliance and Controls team (part of the GRC function) on a long-term contractual basis. This team conduct second line of defence testing for controls including those relating to the Security and Availability Trust Principles within SOC2.
The successful Cloud Controls Analyst will support the delivery of cloud control testing in the areas of information & cyber security, technology and cloud infrastructure, conducting design adequacy and operating effectiveness testing of cloud controls for SOC2.
Key duties include, but are not limited to:
Performing assessment of Cloud controls (focusing on Azure) including;
o Control design adequacy
o Control operating effectiveness
- Cloud control testing (including guard rails resource log analysis etc.)
- Developing operating processes and procedures for cloud control testing of structured test papers for all controls tested
- Reporting and tracking of cloud control gap remediations as well as ineffective or inadequate controls
- Identify opportunities and recommendations to improve the design and implementation of cloud controls
- Support the control owners in the design and maintenance and documentation of cloud controls
Key words: Information Security, Compliance, security, SOC2 SOC 2, GRC, Trust Principles, cyber security, Cloud, Azure
Eames Consulting is acting as an Employment Business in relation to this vacancy.