Information Security Analyst
£40,000 - £60,000 per annum + other excellent benefits
My client is a global organisation and a fantastic company to be part of. We are looking for someone who is passionate about security and has the initiative to express their own ideas that can contribute to making a difference.
***Full job spec given through the application process***
Main duties & responsibilities:
- Developing and maintaining the in-house vulnerability management capability: implementing vulnerability scanning, reporting on risk exposure, providing risk-prioritised remediation advisories and tracking progress.
- Assist in the development of the Information Security Management System (ISMS).
- Coordinate penetration tests with penetration testing partners, IT and Development teams, acting as key point of contact for all security activities and advisories in relation to remediation and mitigation.
- Implementing security controls in compliance with legislation and regulatory frameworks (eg DPA, PCI-DSS, HIPAA) and the Group Information Security Policies.
- Implementing security methodologies and industry standards (eg ISO27001, NIST, SANS)
- Identifying and prioritising IT and security compliance risks and recommending appropriate mitigating controls.
- Conduct risk assessments of changes, projects, programmes, services.
- Provide recommendations to manage information security risk which will include aligning projects to policies & standards.
- Assist with developing and reviewing corrective action plans to address the root cause and prevent reoccurrences of compliance issues.
- Undertake security gap analysis internally, of third parties and other partners
- Providing IT Security and compliance awareness.
- Exposure to multi-tier, web based and cloud based IT architectures.
- Knowledge of security technologies (eg AV, SIEM, IAM, IPS, F/W, SSO, DLP).
- Knowledge of security assessment frameworks (eg threat modelling, controls assessment, risk assessment).
- Experience in providing initial investigations of security incidents, escalating issues where necessary.
- Experience with security information management tools.
- Experience with security assessment tools, particularly vulnerability scanning tools, SIEM, DLP and NAC.
- Minimum 2 years' experience in an active IT security role.
- Working knowledge and experience of the ITIL framework.
- Experience in developing, managing and improving operational risk and compliance processes.
- Excellent communicator, both written and spoken.
- Ability to deal with ambiguity and rapid change.
- Ability to manage conflicting priorities, multitask and meet tight deadlines.
- Ability to work under pressure.
- Team oriented.
- Experience working within a team environment delivering projects for production systems.
- Exposure to IT development teams and projects.
Due to the volume of applications, we regret that we can only respond to those meeting our above requirements.
This job was originally posted as www.jobsite.co.uk/job/959505148