Information Security Analyst - (ISO27001, ISO27002, PCI DSS)

E Resourcing
United Kingdom
40000.00 - 50000.00 per annum + benefits
11 Nov 2017
15 Nov 2017
Contract Type: Full Time
Information Security Analyst - (ISO27001, ISO27002, PCI DSS, Data Protection Act)

Working in the Information Security department, you will be part of a team that provides Group-wide information security leadership, governance and support. The team is also responsible for the governance and management of the ISMS (Information Security Management System).

The Information Security Analyst is required to directly create, maintain, support, assess, plan and report on security systems and processes with the Global Support division and other divisions as required.

Key Responsibilities:
- Security and Risk assessments including vendors, systems, and processes
- Creation and administration of Standards related to Policy
- Business SME support
- Security control assessment / solution selection support
- Security Office documentation support: update papers, presentations, minutes from forums, process definition, data asset custodianship
- Awareness training service provision (e.g. plans, content management, scenario design, service execution, metrics and reporting)
- Work actively with both technical and non-technical teams to ensure adoption & maintenance of Information security related activities
- Identify, record and, when necessary, escalate risks using the Information Security Risk management framework
- Regular reporting on status of initiatives, projects and tasks
- Assist with procedural document creation
- KPI & Metrics collation and administration
- Creation, monitoring & reporting of relevant security BAU services/activities
- Proactively scope, plan, communicate and co-ordinate delivery of key information security initiatives across business boundaries and act as a subject matter expert accordingly
- Collate, report and present outputs from initiatives and subject related research
- Ensure knowledge of existing and emerging security related threats and solutions is kept up to date
- Make recommendations for improvements to the Information Security posture
- Prepare informational documentation and reports as requested on security matters and opportunities

Skills & Abilities:
- Excellent communication skills with the ability to build good relationships with a wide range of stakeholders, internal departments and key suppliers
- Proficient skills in PowerPoint, Excel, Word and Outlook are essential
- Remain approachable under pressure
- Knowledge and ability to use relevant internal systems
- Act with integrity, tact and diplomacy
- Work as part of a team
- Ability to complete a variety of related tasks
- Proactively solve problems
- Good time management skills
- Ability to be flexible within role
- Good attention to detail
- Confident and highly motivated
- Strong reporting skills, with the ability to evaluate and summarize information provided
- Ability to translate technical language to non-technical colleagues

Knowledge & Qualifications:
- Commercial experience in an information security role
- Good understanding of PCI DSS, Data Protection Act, ISO27001, ISO27002
- Proven experience in creation and provision of security awareness to others
- Experience in an Enterprise working environment
- Basic understanding of ITIL principles
- BS in Computer Science, Information Security, or a related field preferred
- Currently holding or working towards relevant security certifications would be an advantage

Please send a CV detailing the above required experience for consideration.

Provided by Dice