Security Compliance Analyst (Security, Framework)

Ampersand Consulting
10 Oct 2018
14 Oct 2018
Contract Type
Full Time
Security Compliance Analyst (Security, Framework) Chippenham

A leading UK FTSE 100 provider of IT services are looking to hire a talented security Compliance Analyst (Security, Framework) to work in a rapidly expanding security practice in Chippenham.

Security Compliance Analyst (Security, Framework) will ensure that appropriate security measures are built into the range of products ensuring requirements are met across the board.

Responsibilities for the Security Compliance Analyst (Security, Framework):

The Security Architect will have at least 3 years’ experience in security architecture and broader information assurance. The key accountabilities are to:

* Align product architectures with established security governance frameworks, including HMG security principles, CESG architectural patterns, OWASP, CIS & SANS controls
* Develop and maintain security risk assessments
* Responsible for security architecture of new development projects ensuring security requirements are fulfilled
* Consult on all other technical security aspects of the program and support the Information Security Team to drive excellence and quality
* Specify and/or ensure that security architectures for network, application and infrastructure solutions have adequate security controls to secure data-at-rest, data-in-transit and data-in-use.
* Determine, document and govern the criteria by which the Design, Test and Operation of the service should adhere.
* Engage with our customers, partners and other stakeholders to ensure that requirements are understood, and security controls enable those requirements to be met.
* Assess the compliance of partner/third-party solution designs with security policy and architectural standards and advise on remediation activities.

Skills and Experiences for the Security Compliance Analyst (Security, Framework):

* Broad and deep understanding of security architecture principles across areas such as networks, infrastructure hosting services & web services
* Understanding of Public Key Infrastructure and encryption products, services & governance
* Experience in performing systematic risk assessments.
* Understanding security delivery lifecycles.
* Technical Design Authority (TDA) experience covering network, application and security activities.
* CISSP or CISM certified
* CESG Certified Professional- IA Architect

Similar jobs

Similar jobs