Information & Cyber Security Analyst

Recruiter
NATS
Location
Fareham Common
Posted
11 Nov 2017
Closes
15 Nov 2017
Contract Type
Permanent
Hours
Full Time
NATS is the UKs leading air navigation service provider, handling over 2 million flights each year. It provides air traffic control services from two control centres and 14 airports in the UK, as well as a wide range of commercial solutions to over 30 countries internationally We are passionate about being an equal opportunities employer, treating all colleagues in a fair and respectful manner. We appreciate and value the diversity of our employees and the inclusive environment we work in. Having employees with a wide range of skills, knowledge, creativity, innovation and energy is important to us, and allows us to be the industry leaders we are NATS are recruiting for an Information & Cyber Security Analyst, to maintain and mature the cyber security practices within the organisation. This role will ensure that security plans, policies and practices reflect the corporate standards and support the different functions, business units and environments The Information & Cyber Security analyst will take on additional responsibilities to assist a busy team. This role will appeal to an all-rounder looking to support an exciting technology transformation and develop credentials for future career growth. Principle Accountabilities Drive improvement to NATS security levels through the identification of risks and development and implementation of mitigating strategies Maintain and develop NATS security policy in line with standards such as ISO27001 and CoBIT Develop standards and procedures as required, coordinating with business units and recommending improvements Develop and maintain the risk assessment framework, and risk register, in line with standards such as ISO27001 and NIST Drive the completion of risk assessments Develop and maintain the cyber security metrics dashboard and recommending actions Participate in security awareness program, creating ideas and content, and providing orientation, educational programs, and on-going communication Maintain an awareness of security regulation and legislation, contributing to discussions that influence NATS security decisions and processes Support CISO in discharging security accountabilities, working across a myriad of information and cyber security related topics Participate in Information and Cyber Security governance meetings as required Build relationships across all NATS business units and support their security needs Qualifications and Skills Certified to CISSP or equivalent professional certification A self-starter, with high level of interest and energy regarding the information & cyber security space; A broad cyber-security mind-set Able to assimilate and consider issues from the technical, process and business perspective, supported by a pragmatic attitude to the implementation of security across a safety-critical business Understanding of ISO27001, GDPR, NIST, CoBIT & Cyber Essentials Proven ability to build relationships and influence across an organisation with a track record of good written and verbal communication skills Good attention to detail Good understanding of the procedures required to identify, quantify and address information security or cyber vulnerabilities in an organisation Experience of the development and implementation of appropriate risk mitigation plans, policies, processes and technical controls Experience of Cyber Essentials and/or ISO27001 A deeper expertise and interest in one of more of the following would be beneficial - Security Awareness; Risk management; Security Assurance Additional Information In addition to salary, NATS offers a range of excellent benefits which includes 26 days leave, increasing to 28 days after 1 years' service plus statutory leave and a top class contributory DC pension scheme Closing Date: 24 November 2017 This application can be provided in paper form or large print NATS Talent Acquisition Team4000 ParkwayWhiteleyHampshirePO15 7FL - provided by Dice CISSP, COBIT, INFORMATION SECURITY, ISO27001, RISK ASSESSMENT, RISK MANAGEMENT