Senior IT Security Risk & Compliance Analyst

Summary

Salary
Competitive
Team
Information Technology
Location
United States - Chicago Office

About Us:

Dyson is a global technology enterprise. We’re growing fast and our ambition is huge – more categories, more locations and more people. Dyson launched in the US in 2002, and since then operations have grown exponentially. Our US headquarters is based in Chicago's Fulton Market neighborhood. We also have employees working in field sales, our service centers, and in our growing number of Dyson Demo Stores across the country.

At Dyson, we demand the highest standard of performance from the technologies we engineer. Our people expect the same from the technology that supports them. We are a community that appreciates and advocates better engineering. A community of pioneers. Dyson IT is mid-transformation. Our aim is to create robust IT architecture, to manage data effectively and efficiently, and continue to grow our world-class team. A team that is strategic, enabling business acceleration, growth, and success.

Our Cyber Security team:

It’s no secret that our intellectual property is massively critical to our success. But how do we keep it from the prying eyes of the bad guys? Dyson’s Global Cyber Security department works effectively to keep our secrets secret and secure our crown jewels using advanced technologies to stay one step ahead of the game. We take a pragmatic approach, transforming cyber security in order to enhance our business resilience, enable our colleagues to move fast, delight our customers, and better manage potential cyber disruption. Investing in new cyber security capabilities across technology, process, and people, we build on and leverage our strong cyber security ecosystems to tackle future threats. Our IT Security Risk & Compliance, Enterprise Security, and Cyber Defense functions are the beating heart of Dyson’s Cyber Fusion Centre capabilities. Together, they enable the successful delivery of exciting new projects, help existing toolsets remain effective, enable and encourage compliance, balance red & blue team capabilities, and make sure that cyber security incidents are managed in a timely and efficient way.

About the Role:

The Senior IT Security Risk & Compliance Analyst, reporting to the IT Security Risk & Compliance Manager, will be responsible for:

IT Security Risk & Compliance:

  • Lead on compliance assessment and due diligence on Global IT and Business stakeholders (e.g. Control Assessment, Third Party Vendor Assessments, PCI gap assessment, etc.). Provide reporting on the security stance of third parties and highlight potential risks to senior stakeholders.
  • Lead in maintaining the Global IT Risk Register, holding key individuals accountable for remedial action.
  • Provide support in monitoring and tracking Internal Audit functions, Cyber Security Metrics / reporting, and remedial actions.
  • Assist in the continued compliance with PCI-DSS and the annual assessment and maintenance.
  • Complete assurance tasks, ensuring that the key Cyber Security policies and standards are adhered to.
  • Direct key business areas to work towards a level of compliance, where required.
  • Escalate where non-compliance poses a business risk to key business stakeholders.
  • Perform regular and periodic compliance-related tasks.
  • Lead in the development and publishing of Cyber Security policies and standards.
  • Support and assist with the development of Cyber IT Security Risk & Compliance Analysts.
  • Support Cyber Security training and awareness activities and initiatives.

With experience in a similarly dynamic, international role and complex organization, you’ll have proven, authoritative knowledge of leading an IT function at global or regional level, working as part of a global matrix-managed team.

  • Autonomy - Works under broad direction. Work is often self-initiated. Is fully responsible for meeting allocated technical and/or project/supervisory objectives. Establishes Milestones and has a significant role in the assignment of tasks and/or responsibilities.
  • Influence - Influences organization, customers, suppliers, partners, and peers on the contribution of own specialism. Builds appropriate and effective business relationships. Makes decisions which impact the success of assigned work, i.e., results, deadlines, and budget.
  • Complexity - Performs an extensive range and variety of complex technical and/or professional work activities. Undertakes work which requires the application of fundamental principles in a wide and often unpredictable range of contexts. Understands the relationship between own specialism and the wider customer/organizational requirements.
  • Business Skills - Advises on available standards, methods, tools, and applications relevant to own specialism and can make appropriate choices from alternatives. Analyses, designs, plans, executes, and evaluates work to time, cost, and quality targets. Assesses and evaluates risk. Communicates effectively, both formally and informally. Facilitates collaboration between stakeholders who have diverse objectives. Takes all requirements into account when making proposals. Takes initiative to keep skills up to date. Maintains an awareness of developments in the industry. Analyses requirements and advises on scope and options for continuous operational improvement. Demonstrates creativity, innovation, and ethical thinking in applying solutions for the benefit of the customer/stakeholder.

About You:

  • Demonstrable evidence of effective problem-solving skills in complex support BC & DR, including experience relating to Cyber Security, Compliance, or Assurance.
  • Significant experience in leading third-party assessments and running third-party assurance activities, preferably against a recognised framework.
  • Significant experience of conducting compliance reviews, including creation of GAP analysis reports and remediation plans.
  • Authoritative knowledge of risk methodologies and experience applying these in assessments.
  • IT security management and audit qualifications.
  • Excellent relationship skills – the ability to build positive relationships with both technical and business personnel.
  • Excellent communication skills in written and oral presentation material.

Our culture is unique. It's not easy or comfortable. It's certainly not for everyone, but if you thrive on challenge and are excited by change – it could be for you.

Benefits:

At Dyson, how we reward you is linked to our high-performance culture. But it’s about more than salary and bonus. Through a package of financial, lifestyle and health benefits, we support whatever stage of life you’re in and the moments that matter. 

Financial benefits: 

  • 401K with up to a 4% match 
  • Company paid Life Insurance and AD&D 
  • Flexible Savings Account (FSA) and Health Savings Account (HSA) 

Lifestyle benefits: 

  • Competitive Paid Time Off Benefits including Separate Holiday, Sick, and Vacation Time 
  • Pre-tax Commuter Benefits (applicable areas only) 
  • Generous Child Care Leave Program 
  • Wellness Program 
  • Employee Assistance Program 
  • Generous Dyson Product Discounts 

Health benefits: 

  • Multi-Level Healthcare Coverage Options 
  • Vision & Dental Coverage 
  • Company paid Short-Term and Long-Term Disability


Dyson is an equal opportunity employer. We know that great minds don’t think alike, and it takes all kinds of minds to make our technology so unique. We welcome applications from all backgrounds and employment decisions are made without regard to race, colour, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or any other dimension of diversity.

Interview guidance

We are following the government guidelines regarding COVID-19. At this time all interviews will be conducted via video or telephone. We’re taking these precautionary measures to protect both our employee and candidate wellbeing. Our Talent Acquisition team will work with you and provide further information as appropriate.