We are recruiting a Senior Security Analyst opportunity, You will have a strong technical background with an in-depth knowledge of security systems; coupled with strong knowledge of relevant security regulations and legislation to assist and maintain the confidentiality, integrity and availability of organisational data, products and systems.Client Details
Public Sector and Government organisation based in Gloucester. Description
The Senior Security Analyst based in Gloucester will:
- Conduct/Manages security risk and vulnerability assessments for defined business applications or IT installations in defined areas, and provides advice and guidance on the application and operation of elementary physical, procedural and technical security controls (e.g. the key controls defined in ISO27001).
- Manage security incidents assigned within the agreed response and resolution timescales.
- Manage security requests/assessments via the ICT Security Working Group and project teams via commissioning process.
- Be point of Escalation of major incidents and any risks impacting our services/data to the ICT Technical Infrastructure Manager and Force Information Security Officer.
- Have a strong technical security understanding in order to support the department and business, liaising with both internal teams and 3rd party suppliers.
The Senior Security Analyst skills: The selection, design, justification, implementation and operation of controls and management strategies to maintain the security, confidentiality, integrity, availability, accountability and relevant compliance of information systems with legislation, regulation and relevant standards.
- Conducts security control reviews across a full range of control types and techniques, for business applications and computer installations. Seeks guidance from more experienced or specialised practitioners as required. Recommends appropriate action to management.
- Identifies threats to the confidentiality, integrity, availability, accountability and relevant compliance of information systems. Conducts risk, vulnerability and business impact assessments of business applications and computer installations and recommends appropriate action to management.
- Investigates major breaches of security and recommends appropriate control improvements. Conducts investigation, analysis and review following breaches, and manages the investigation and resolution of security incidents, in accordance with established procedures including incident management procedures. Prepares recommendations for appropriate control improvements, involving other professionals as required.
- Contributes to development of information security policy, standards and guidelines.
- Provides authoritative advice and guidance on security strategies to manage identified risks and ensure adoption, and adherence to standards. This includes advice on the application and operation of all types of security controls, including legislative or regulatory requirements such as data protection / GDPR and software copyright law.
- Plans and leads the work of small teams of security staff, and acts as project manager on complex IT security specialism projects.
- Delivers and contributes to the design and development of specialist IT security education and training to IT and system user management and staff.
- Manages the operation of appropriate security controls as a production service to business system users.
- Designs the security components of systems architectures.
Salary up to £52,500
£4,000 on call allowance
Great all round benefits package
Remote working but successful candidate required to live 1 hour form Gloucester