Cyber Assurance Analyst

This review offers a detailed look at the Cyber Assurance Analyst position at IAG Cargo, aiming to provide potential candidates with a clear understanding of the opportunity and its implications for their career development.

About IAG Cargo: A Global Leader in Logistics

IAG Cargo is a prominent player in the global airfreight logistics sector, renowned for its critical role in moving a diverse range of goods, from vital medicines to exotic produce. As the cargo brand of International Airlines Group, encompassing airlines like British Airways and Iberia, IAG Cargo is at the forefront of connecting the world and ensuring essential items reach their destinations. The organization fosters a culture of determination, curiosity, collaboration, and pride, striving to create an exceptional work environment for both its customers and employees.

The Opportunity: Cyber Assurance Analyst

The Cyber Assurance Analyst position is integral to IAG Cargo's commitment to security and compliance. This role is responsible for providing critical assurance to the Cargo Business Information Security Officer (BISO), ensuring that third-party vendors, new services, and applications adhere to the organization's risk appetite and established cybersecurity policies and standards.

Key Responsibilities and Daily Activities:

• Risk Assessment and Communication: Proactively identify, assess, and clearly communicate cybersecurity risks to relevant stakeholders, ensuring a comprehensive understanding and accurate assessment of control effectiveness.
• Project and Pipeline Assurance: Conduct security assurance activities within projects, product teams, and their development pipelines, offering oversight across a broad IT estate and a complex supply chain of third parties and partners. This includes specific considerations for cargo warehouse operations, maintenance, and safety.
• Pragmatic and Risk-Based Approach: Drive a practical, risk-based methodology for security assurance within a large-scale, dynamic environment, adapting to the pace of change and delivery.
• Service Excellence and Innovation: Deliver a high-quality, enabling service that shapes security standards and encourages modern information security practices beyond traditional checklist-based approaches. This includes piloting new assurance methods, establishing new processes, bringing activities in-house, and innovating existing work programs.
• Compliance and Policy Adherence: Ensure that all regulatory and compliance requirements are met and thoroughly evidenced. Monitor adherence to policies and lead initiatives to address any identified gaps.
• Stakeholder Collaboration: Foster strong working relationships with cross-functional teams including IT, Legal, Procurement, and Cyber Risk to ensure alignment between assurance activities and business objectives. Maintain effective relationships with third parties to guarantee ongoing compliance and risk management.

Advantages for Candidates:

This role presents a significant opportunity for professionals seeking to advance their careers in cybersecurity within a world-leading logistics organization. Key advantages include:

• Impactful Role: Directly contribute to the security and operational integrity of a critical global logistics network, ensuring the safe and compliant movement of essential goods.
• Diverse Exposure: Gain hands-on experience with a large and diverse IT estate, a complex third-party supply chain, and unique operational considerations within the airfreight industry.
• Professional Development: Opportunities to pilot new approaches, establish innovative assurance processes, and contribute to the continuous improvement of cybersecurity frameworks.
• Career Growth: Develop a strong understanding of risk management, compliance, and cybersecurity best practices in a challenging and dynamic environment, paving the way for future leadership roles.
• Industry Experience: Potential to gain invaluable experience within the airline industry, a sector with unique regulatory and operational complexities.
• Attractive Benefits: IAG Cargo offers a competitive salary, bonus structure, and a comprehensive benefits package, including:
  • A hybrid working model (3 days in office, 2 days remote).
  • Generous staff travel benefits on British Airways and group airlines.
  • Flexible bank holiday policy.
  • Access to LinkedIn Learning and Rosetta Stone Language courses.
  • Onsite gym facilities, UNMIND app access, and Mental Health First Aiders.
  • Discounts on various services through Perks at Work.

Key Considerations for Candidates:

To thrive in this role, candidates should carefully consider the following:

• Required Experience: Proven experience in cybersecurity assurance, risk management, or a related field is essential. Strong familiarity with cybersecurity standards, frameworks (ISO 27001, NIST, CAF), and regulatory requirements is expected.
• Analytical and Communication Skills: The ability to analyze complex risks and communicate them effectively to both technical and non-technical audiences is paramount.
• Adaptability: A willingness to work from multiple sites and travel for meetings and workshops is a requirement.
• Modern Security Mindset: Candidates who can champion modern approaches to security assurance, moving beyond solely relying on stage gates and checklists, will be highly valued.
• Industry Knowledge (Desirable): While not strictly mandatory, prior experience within the airline industry or knowledge of emerging cybersecurity trends will be advantageous.
• Tool Proficiency: Familiarity with modern cybersecurity assurance tools and technologies, as well as general MS Office tools like SharePoint and Visio, is expected.

In Conclusion:

The Cyber Assurance Analyst role at IAG Cargo offers a compelling opportunity for cybersecurity professionals looking to make a tangible impact within a globally recognized organization. By focusing on a pragmatic, risk-based approach and embracing innovation, candidates can not only contribute to the company's security posture but also significantly advance their own career trajectories in the vital field of cybersecurity.