Business Information Security Analyst
Salary £40000 - £55000 per annum
Consultant Darius Goodarzi
Date posted 12 October 2016
An International Investment Bank in London is looking for a Business Information Security Analyst to join their growing team.
About the Business Information Security Analyst Role:
The recently established Business Information Security Office (BISO) Team are responsible for the definition and improvement of the Group Control Standards for Information Risk control areas and identification of control recommendations to the client’s business units and functions for requirements arising from synergies and automation, policy updates. Additionally, risk evolution or the changing threat landscape, the establishment and delivery of a 1st line Information Risk Assessment methodology and oversight for the Information Risk Control Inventory in order to establish control.
The role holder will have an excellent track record of delivery execution and some exposure to senior stakeholder management. They will be able to demonstrate at structured approach with some evidence of problem solving skills in all duties. The overall purpose of the role is to support management and execute delivery on behalf of Global Information Security.
Technical Skills / Competencies:
- Significant experience in a senior role of working within information risk field, including systems audit or internal controls, preferably within the financial sector
- Thorough understanding of the relevant risk issues and Controls which need to be put in place with appropriate performance drivers
- Management and delivery of Business intelligence reporting using appropriate tool-sets
- Evidence of leading identification, solutioning and implementation of reporting solutions
- Managing organisational change and ‘slow adopters’
- Implementation and production of scheduled business performance reporting (fixed-date deliverables)
- Experience of working within information and preferably cyber security, including infrastructure security architectures and configurations, application/database security, encryption mechanisms, logical data/information storage techniques and mobile technologies
- Must have experience of building and maintaining effective relationships at all levels
- Strong management and some leadership skills, able to influence senior management when dealing with complex and competing objectives
- Evidence of innovative thinking that challenges the status quo to improve control, efficiency, effectiveness and understanding
- Demonstrable track record of strong team work and delivery execution, within and across departmental and stakeholder teams
- Strong statistical, analytical and structured problem solving management skills
- Strong communication skills - written, verbal and visual
- Able to convey complex concepts and principles in simple, clear articulation
- Developing influencing, negotiating skills and personal impact
Knowledge, Expertise and Experience
- Strong academic background, educated to degree level or equivalent experience
- Candidates holding a current CISSP qualification are preferable
- Professional qualifications also desired are CISM, CISA (or similar)
- Experience of COBIT, ISO27001, ISF/IRAM and other relevant frameworks
- Information risk / operational / cyber risk, especially relating to Policies covering Information Risk and associated genres (primarily 5 policies)
- Business reporting including associated technical and statistical skills
- Structured problem solving, effectiveness/efficiency skills and qualifications (e.g. Six Sigma/DFSS)
- Supporting technology related experience such as application development, testing, service management, SDLC/Agile etc
- Production of high-quality communication outputs through varied outputs and strong level of communication skills
- Personal resilience in a fast-pace, complex and evolving environment
You will contribute to the development of the group-wide Standards for Information Risk. You will also be supporting the alignment of the team with the requirements of the Business Units and Functions, including the identification of the right controls and control operating models relevant to Information risk.
With a background in IT Security, you will be well used to working in a team that delivers results and performs well under pressure
If you are driven, determined and want to join a company that has the backing of some of the brightest minds in their respective industry then this Business Information Security Analyst role is for you.