Information Security Analyst C£60k City of London

Langley James IT Recruitment
London (Greater)
13 Apr 2018
20 Apr 2018
Contract Type
Full Time
Global Publisher require an Information Security Analyst to be responsible for assessing compliance with internal and external security requirements, identifying risks, and communicating the security posture to Technology management and other managers across the business including Legal and HR. The Information Security Analyst will act as the subject matter expert for Security Governance, Risk, and Compliance.

The role will encompass:

* Liaise between our managed security services vendor (Rapid7) and internal IT teams to prioritize and remediate vulnerabilities and risks
* Monitor threat intelligence feeds and security tools, escalating potential incidents.
* Coordinate internal and external audits, scans, penetration tests and other security assessments
* Experience with PCI and GDPR regulations as well as their technical and security compliance
* Actively perform PCI internal self-assessments, quarterly reviews, ad hoc tests and audits and facilitate assessments performed with a Qualified Scanning Vendor (QSV).
* Document and maintain PCI compliance
* Review vulnerability scan results and provide recommendations for remediation to the IT Operations and Development teams.
* Interface with technical teams, stakeholders, and leadership teams to translate security risk mitigation plans into actionable items.
* Stay up-to-date with current security issues and regulations in the industry including researching latest findings, industry trends, and vendor-specific issues and resolutions.
* Perform hands-on gap or risk assessments to identify significant information security risks (including applications, systems, data centres, cloud, infrastructure and vendor security risk assessments) to determine the organizational risk posture
* Cloud, web and application security planning and design. Must be able to provide the development team advice on best practices and incorporating security into application design.
* Monitor and review IT Security controls to identify operational effectiveness
* Participate in planning for future security requirements, and develop and implement policies and procedures related to all facets of information security.
* Research, test, and recommend information security products based on cost/benefit and risk reduction methodologies.
* Assist with security awareness and training programs.
* Understanding of information security frameworks (ISO 27001, CIS Critical Security Controls, NIST) and OWASP.
* Serve as a liaison with IT and business area partners to identify, understand, document and advise on security requirements, impacts and risks.

You should have been working extensively within the IT Security Field for a number of years and ideally have a recognized certification i.e. CISSP, CISM, CISA.

This role will involve occasional international travel, namely to the USA, and hours could vary because of the need to liaise regularly with US colleagues.

Communication skills, both oral and written, are paramount within this organization. The role will require liaising with contemporaries and suppliers across the globe.

The Company has a first-class benefits package and offers training budgets to allow for skills and career progression.
