Western Digital Analyst Security 

Algeria, Tinduf 

818098787

Today’s exceptional challenges require your unique skills. It’s You & Western Digital. Together, we’re the next BIG thing in data.

You will a key member of Western Digital’s technology and security compliance programs that meet industry standards, regulatory requirements, and organizational objectives. You will lead Information Security Third Party Risk Program - develop robust risk management strategies, insightful metrics, and drive operational excellence. You will collaborate with cross-functional teams, providing expert technology risk guidance and analysis to enhance our information security posture and ensure compliance with industry standards and regulations.

Key Responsibilities

• Serve as leader and owner of the Third-Party Risk Program in support of WD information security and business objectives.
• Lead process analysis and improvement to ensure that efficiency and effectiveness of Third-Party Risk program, create and refine summaries, reports, KRI/KPI's and governance documentation associated with the Third-Party Security Program.
• Conduct technical security assessments of third-party vendor and services to ensure systems, networks, operations, business processes, and applications, information risks are identified and managed.
• Work with business units and the legal team to define security requirements and standards for third-party contracts.
• Collaborate across the organization to document and identify risk mitigation measures associated with third parties, including identifying back-up third parties, strength and/or maturity of the company, and other crucial factors.
• Act as a point of contact for internal and external auditors on 3rd party related audits for Technology, Security, Disaster Recovery related diligence.
• Develop and drive implementation of effective risk management strategies to mitigate identified risks, ensuring alignment with industry best practices and regulatory requirements.
• Analyze security data to identify trends, vulnerabilities, and areas for improvement.
• Collaborate with internal and external auditors to facilitate security audits and assessments.
• Collaborate across the organization to ensure the integration of risk management practices into organizational processes and projects.
• Stay current with industry trends, emerging threats, and best practices for information security and risk management.

Qualifications

• Bachelor's degree in Information Security, Computer Science, or equivalent work experience.
• 8+ years of experience in information security, including risk management, risk assessments, reporting, and metrics analysis, and hands-on with at least one of the following: security engineering, network security, identity and access management, security operations, and/or software development security.

• 3+ years of experience in technical roles, or similar technical proficiency required are highly desirable.
• Proficiency in risk assessment methodologies, tools, and techniques.
• Experience in conducting risk assessments, vulnerability assessments, and compliance audits.
• Strong understanding of information security frameworks, standards, and best practices (e.g., ISO 27001, NIST, GDPR).
• Experience in generating and interpreting information security metrics and reports.
• Excellent analytical and problem-solving skills with attention to detail.
• Strong communication and interpersonal skills, with the ability to explain complex security concepts to non-technical stakeholders.
• Ability to work independently and collaboratively in a fast-paced environment.
• Experience in building and maturing information security risk management practices.
• Relevant certifications such as CISSP, CISM, CRISC, GSNA or similar are highly desirable.
• Technical certifications such as GCIH, GPEN, CEH, OSCP or similar are highly desirable.