ISO 27001 Program Security Analyst
SG Digital (part of Scientific Games Corp. NASDAQ:SGMS) leads the global gaming market, providing innovative software that powers the world’s most successful operators and online gaming providers.
We pride ourselves on product innovation and technical excellence and are constantly adding new applications and new functionality to our product suite, used by billions of end users. Having recently become the Digital, online Division of Scientific Games.
The ISO27001 Program Analyst will participate on a team to define, implement and manage the ISO27001 security program in the SG Digital division. The ISO27001 Program Analyst will participate in training the various organizations and teams in the division on the ISO27001 security framework and assist in driving these organizations to implement policy, process, and standards to achieve ISO27001 compliance.
Upon certification, the ISO27001 Program Analyst will assist in ongoing governance of the security program under ISO27001. They will organize and administrate the Security Committee, conduct internal reviews, and oversee tuning and remediation of policy, process, and standards.
The ISO27001 Program Analyst will report to the ISO27001 Program Manager for the division. The ISO27001 program team will work alongside Security Engineering and operations resources as a part of the Information Security team and participate in all division security activities.
Key Responsibilities Include:
- Assist with the implementation, operation, support and maintenance of the Information Security Management System based on the ISO/IEC 27000 series standards
- Assist with the preparation and the implementation of information security policies, processes and standards in conjunction with the Information Security team
- Support compliance monitoring and improvement activities to ensure compliance with internal security policies and ISO 27001
- Provide technical and procedural support to division organizations in their implementation of information security management systems
- Participate in ISO27001 training and educational activities
- Support information security risk assessments and controls selection activities
- Liaise with and offer strategic direction to related governance functions, such as Risk Management, IT, HR, Legal and Compliance
- Participate in other information security activities and projects as a member of the Information Security team
- Good technical writing, documentation and communication skills
- Strong technical understanding and aptitude for analytical problem-solving
- Degree in Information Security, or Information Technology, or Business preferred