Information Security Analyst
Here at First Utility we want to make a difference. We are changing the face of the energy industry by campaigning for more transparency, better communication and a speedier switching process. Through pioneering technology and sharing our knowledge, we put our customers firmly in control of their energy, so they can spend less on what they need and more on what they want.
We are proud to deliver award winning service and as we continue to challenge the industry, our talented people are integral to our journey; our people make that difference. As we continue to grow our Team we now have office locations in Warwick, Coventry, London, Krakow and Hamburg.
We’re now looking for an information security analyst to join our Information security team.
How the role fits inThe Information Security Team is responsible for ensuring the ongoing protection of the confidentiality, integrity and availability of information across First Utility. The team is tasked with specifying and monitoring the implementation of robust security controls that support business efficiency and effectiveness; the balance between security and operational functionality must be maintained.
The team is led by the Head of Information Security, who reports to the Chief Information Officer.
The role day to dayThe Information Security Analyst will assist the Information Security Team in multiple critical functions and activities to the business, including:The delivery of key activities to support our journey for GDPR compliance.Undertaking information security risk and compliance audits to provide pragmatic recommendations and improvement opportunities.The identification of of technical and process-based control improvements to help secure data.Helping provide general information protection guidance and advice to the wider business.Helping to maintain ISO 27001:2013 accreditation.Assisting with PCI DSS accreditation.Assisting with technical information security audits.Supporting the delivery of the supply chain assurance lifecycle programme of work.Supporting incident response activities.
What you’ll need to help you make the best of the role
- In-depth knowledge, and experience, of information security audit techniques, including management and testing of IT controls frameworks.
- Detailed understanding of the EU General Data Protection Regulation (GDPR) and Data Protection Act, including specific requirements, their implementation and operational processes.
- Working knowledge of information security frameworks including ISO 2700x, NIST and CESG advised best practice.Detailed understanding of information security due diligence requirements and processes in the supply chain.
- Must be confident to work independently (e.g. performing a complete information security audit end-to-end).
- Experience of dealing with senior management is beneficial (e.g. writing reports, presenting audit findings or explaining the purpose of a specific risk control).
The ‘nice to haves’
- Experience in maintaining ISMS policies and process documents.
- Experience in maintaining and delivering risk management frameworks.
- Knowledge of incident response processes.
- CISA, CISM and/or CISSP certification is beneficial.
- Background in Tier 1 (Big 4) or Tier 2 security/IT audit practices is beneficial.
What you’ll get in returnOur people are our business, so our mind-set is people first. Spending much of your time at work, we know it’s not just about a rewarding career, development opportunities and competitive salary - the work space, relaxation areas and coffee matter too!First Perks is our benefits portal where you can access BUPA Private Healthcare, childcare vouchers, pension scheme, cycle to work scheme, our staff tariffs and exclusive savings and discounts from nearly 900 retailers - including holiday deals to help you make the best of your 25 days holiday (plus Bank Holidays). First Perks features discounts for many of the biggest brands - from Lastminute.com to Amazon, from John Lewis to Tesco; there is something for everyone.
We’re proud to support our charity partner the NSPCC and offer regular fundraising events from bake-offs to London Marathon entries. Our teams enjoy quarterly socials, some more adventurous
This job was originally posted as www.totaljobs.com/job/76060208