Information Security Analyst
Information Security Assurance duties and responsibilities will include:
Our client are seeking the below skills & experience:
- Support security and risk management reporting and risk related actions and follow up.
- Review new and existing supplier and partner contracts and perform regular assurance activities to validate supplier security posture
- Performance of audit related activities internally and externally to the organisation, as well as preparation to receive external audits
- Review design and architectural design documentation and data flow diagrams and provide security requirements and input
- Support IT and Business transformation projects by ensuring they are risk-assessed and controls and security requirements are met through the transformation lifecycle, including compliance requirements such as ISO 27001 and PCI-DSS
- Scope, arrange and support security testing, including penetration testing
- Develop information security processes and procedures alongside business and IT stakeholders and its embedding
- Attend business governance meetings as required representing the Information Security team
The following qualifications, experience and behaviors are essential to this role.
- Several years of Security Engineering/Architectural experience.
- Excellent analytical skills and ability to solve complex problems;
- Excellent communication skills and the ability to clearly and concisely articulate information security risks to business and technical teams;
- Strong interpersonal skills and be approachable for all members of staff;
- Ability to communicate effectively at all levels within the organisation;
- Ability to manage third party security vendors and be involved in the procurement process;
- Experience in Security Governance and Security Assurance;
- Knowledge of ISF, ISO 27001, SOGP, PCI-DSS and GDPR; and Previous management experience in information security.
- Bachelors or master’s degree in computer science, information technology, information security or a related field;
- Previously worked within a large, multinational retail organisation; and
- Previous experience in information security strategy;
- Understanding of SharePoint libraries and publication to intranets.
Please do get in touch for a full detailed job spec.