Senior IT Security Risk

Overview Senior IT Security Risk & Compliance Analyst at Cushman & Wakefield. The role involves managing daily security operations, supporting cross-regional initiatives, and ensuring compliance with internal and external security standards. The senior analyst collaborates with Legal and Service Lines, participates in vendor and client security assessments, and contributes to security awareness, governance, and the continuous improvement of the organization\'s security posture. Responsibilities Manage day-to-day security initiatives, ensuring deadlines, timelines, and processes are followed throughout the year. Work with Regional Security Leads to ensure cross-region activities are completed. Collaborate with Service Line organizations and Legal to review specialized training needs and requirements documented. Work with and manage security service desk L4 concerns; initiate and shepherd remediation actions to resolve issues. Capture information risk metrics in a central repository, analyze them, and ensure they accurately reflect GISO operations. Determine and agree on actions to position Cushman & Wakefield GISO as a world leader in security practices. Participate in the corporate IT risk management program and prepare reports for management. Lead security awareness activities, manage security trainings, report results to management, and participate in phishing campaigns as needed. Perform vendor security assessments to ensure vendors meet internal information security requirements and monitor them. Complete client security assessments and represent the firm\'s security posture in client audits to satisfy client needs. Participate in implementing new tools and identify opportunities to improve maturity of client and vendor security programs. Support embedding of the Information Security Risk Framework and processes. Ensure information security governance and processes align with the broader information security program and operate effectively. Qualifications Education: Degree or equivalent experience in computer science, information systems, or related field. Experience: 4+ years in information security domains such as vendor risk management, security governance, or security operations. Standards & Frameworks: Knowledge of ISO 27001/2, NIST CSF, NIST SP 800-53, CCSK. Collaboration: Ability to work with business and IT partners in task management and project coordination. Experience with large multi-national companies preferred. Other Professional Qualifications English: Fluent written and spoken. Required Skills Excellent planning and organizational skills to coordinate risk assessments, reporting, control, and assurance activities. Strong attention to detail with ability to deliver high-quality reports and meaningful data analyses. Exceptional interpersonal and stakeholder engagement skills to communicate effectively across levels. Solid understanding of how an information security organization functions. Ability to analyze large amounts of information and present clear messages. Effective time management, prioritization, and adaptability to changing requirements. Team player; proficient in Microsoft Excel, PowerPoint, and SharePoint. Experience & Regulations Clause: The tasks and responsibilities may be supplemented to reflect general and job-specific professional habits. The holder must perform lawful instructions of the line manager and may perform tasks outside the stated scope as needed. INCO: Cushman & Wakefield Job Details Seniority level: Mid-Senior level Employment type: Full-time Job function: Information Technology #J-18808-Ljbffr