Information Security Governance Analyst
- Service line: Business Services Team
- Business unit: Information Technology
- Office: Birmingham, Bristol, Gloucester, Leeds, Leicester, London, London South (Sutton), Manchester, Milton Keynes, Nottingham, Poole
- Role type: Full-time
Information Security Governance Analyst (3396)
Mazars is an engine for rapid and consistent career progression, offering individually designed career paths that help you pursue your interests, match your changing needs, and explore your true potential. We work with diverse, prestigious clients across a range of sectors and geographies, giving you the opportunity to constantly update and grow your skills for lifelong professional development.
About the team
Our security and governance function is fundamental to enabling our firm to succeed. Working with a team of experts, innovative business partners and technology, the function is responsible for designing, implementing, and managing solutions to manage technology risk, ensuring the protection of sensitive data, systems, and applications.
We are part of an IT team that provides IT services to around 3,700 users across around 20 locations, predominantly in the UK, and that comprises key functions collaborating closely, including Technology Change (including project management), Security & Governance, Architecture, IT Service Delivery and Service Operations.
You will be working closely with other teams, with a broad range of responsibilities including risk assessment and remediation of suppliers (including audits to identify potential vulnerabilities) and developing and implementing policies, procedures, and standards to help control and manage risks. You will also be engaging with clients as part of assessments and due diligence to ensure new and existing customers are fully assured of our posture.
This is a role that will require tenacity to continually monitor and manage risks in a changing landscape and to drive change. You will be empowered to drive improvement, identifying and owning change, with the benefit of a track record in high-quality delivery, policy development, due diligence, risk audit and mitigation.
About the role
- The Information Security & Governance Analyst is a key function of our IT Security & Governance Team, working to protect Mazars' information, information systems and those of Mazars' clients.
- Designing and maintaining the review schedules of existing suppliers and third parties.
- Working with existing suppliers to risk assess and remediate identified risks in their cyber security posture.
- Conducting third-party risk assessments and audits to identify potential risks and vulnerabilities.
- Developing and implementing GRC policies, procedures, and standards.
- Continuously monitoring the external security posture of critical suppliers.
- Monitoring IT security performance to ensure Mazars meets contractual obligations.
- Ensuring all third parties have an assigned business owner and are onboarded into our Third-party Risk Management framework.
- Collaborating with internal procurement and asset management stakeholders to ensure that third-party vendors comply with the company's information security policies.
- Assessing information security risk in procurement pre-materialisation cycles.
- Providing guidance and support to business units on GRC-related and information security-related issues.
- Conducting regular reviews of GRC processes and procedures to identify areas for improvement.
What are we looking for?
- This role is a great opportunity for a recent college graduate or somebody moving from another function with a transferable skillset and a desire to realign their career with Security Governance.
- This role is also well suited to someone with experience in information risk management or security audit.
- You should have good knowledge of information security principles, standards, compliance concepts and processes.
- You should possess strong analytical skills to evaluate risks and identify potential vulnerabilities.
- You should have excellent verbal and written communication skills to effectively communicate with stakeholders.
- You should be proactive, self-motivated, and highly professional, with outstanding customer relationship and soft skills.
- Experience in an information security, risk management or third-party/supplier risk management role is desirable.
- A Bachelor's degree in Computer Science, Information Technology, or a related field and any information security qualifications or certifications are desirable.
About Mazars
Mazars is a leading international professional services firm delivering exceptional quality in audit, accounting, tax, financial advisory, outsourcing and consulting.
We are one diverse, multicultural, multi-generational team with a huge sense of connection and belonging. This is a place where you can take ownership of your career, get involved, believe in yourself and put your ideas into action.
At Mazars, we celebrate individuality and thrive on teamwork. We give people the freedom to make a personal contribution to our shared purpose. We support one another to deliver quality, create change and make an impact so that everyone can reach their full potential.
Being inclusive is core to our culture at Mazars; we want to ensure everyone, whether in the recruitment process or beyond, is fully supported to be their unique self.
Our aim is to make the recruitment process as accessible and inclusive as possible - please contact us to discuss any changes you may require so we can work with you to support you throughout your application.