D&T Risk Oversight Analyst

Welcome to Haleon. We’re a purpose-driven, world-class consumer company putting everyday health in the hands of millions. In just three years since our launch, we’ve grown, evolved and are now entering an exciting new chapter – one filled with bold ambitions and enormous opportunity.
Our trusted portfolio of brands – including Sensodyne®, Panadol®, Advil®, Voltaren®, Theraflu®, Otrivin®, and Centrum® – lead in resilient and growing categories. What sets us apart is our unique blend of deep human understanding and trusted science.
Now it’s time to fully realise the full potential of our business and our people. We do this through our Win as One strategy. It puts our purpose – to deliver better everyday health with humanity – at the heart of everything we do. It unites us, inspires us, and challenges us to be better every day, driven by our agile, performance-focused culture.

About the role

The Cyber Security Risk Management Analyst is responsible for conducting comprehensive cybersecurity risk assessments and providing guidance for management of risks.   This role involves evaluating the likelihood and impact of threat actors compromising cybersecurity vulnerabilities and assessing the effectiveness of new controls to reduce risk. The analyst will be capable of producing cyber risk reports tailored to both technical and non-technical audiences, as well as managing actions and findings.

Role Responsibilities

• Conduct qualitative and quantitative cybersecurity risk assessments to evaluate the likelihood and impact of potential threats.

• Perform quantitative risk assessments to measure the reduction of risk associated with the implementation of new controls.

• Develop and deliver cyber risk reports and recommendations for senior leaders, based on data-driven risk analysis.

• Communicate findings and recommendations effectively to both technical and non-technical stakeholders.

• Manage actions and findings from risk assessments to ensure timely resolution and mitigation

• To ensure threats are treated in accordance with company risk tolerance thresholds and endorsed with appropriate authority.

• Proven experience in conducting cybersecurity risk assessments and developing risk mitigation strategies.

• Knowledge of cybersecurity risk methodologies and best practice for qualitative and quantitative risk management and the ability to perform relative risk assessments.

Why you? 

Basic Qualifications:

• 8 – 14 years of relevant experience

• Proven experience in conducting cybersecurity risk assessments and developing risk mitigation strategies.

• Knowledge of cybersecurity risk methodologies and best practice for qualitative and quantitative risk management and the ability to perform relative risk assessments.

• Familiarity with the healthcare, pharma, and manufacturing industries is highly desirable.

• Able to assist in accessing and managing risks and have a strong understanding of risk management principles, regulatory compliance, and security frameworks.

• Knowledge of cyber threats and vulnerabilities, and countermeasures that can be applied to identified cybersecurity risks.

• Performing risk assessments, generating reports and managing risks and actions.

Preferred Qualifications: 

• Degree or higher

• Excellent management skills to effectively balance unexpected and conflicting priorities as they arise

• Experience operating effectively across matrixed organizations

• Operate across geographies and across business lines.

• Intercultural sensitivity

• Ability to effectively manage conflicting priorities in alignment with overall business and departmental strategies.

• Developing strong relationships with leaders of complementary programs (e.g. Procurement, Legal, Ethics & Compliance) to ensure harmonization.

• Certification in Risk & Information Systems Control (CRISC)

• Certified Information Systems Security Professional (CISSP)

• Certified Information Security Manager (CISM)

 Job Posting End Date

Haleon are committed to mobilising our purpose in a way that represents the diverse consumers and communities who rely on our brands every day. It guides us in creating an inclusive culture, where different backgrounds and views are valued and respected – all in support of understanding and best serving the needs of our consumers and unleashing the full potential of our people. It’s important to us that Haleon is a place where all our employees feel they truly belong.
During the application process, we may ask you to share some personal information, which is entirely voluntary. This information ensures we meet certain regulatory and reporting obligations and supports the development, refinement, and execution of our inclusion and belonging programmes that are open to all Haleon employees. 
The personal information you provide will be kept confidential, used only for legitimate business purposes, and will never be used in making any employment decisions, including hiring decisions.

If you require a reasonable adjustment or accommodation or other assistance to apply for a job at Haleon at any stage of the application process, please let your recruiter know by providing them with a description of specific adjustments you are requesting. We’ll provide all reasonable adjustments to support you throughout the recruitment process and treat all information you provide us in confidence. 

The Haleon recruitment team will contact you using a Haleon email account (@haleon.com). If you are not sure whether the email you received is from Haleon, please get in touch.