Senior Information Security Analyst - ISO27001, threat, CISSP
Salary £45,000 - £60,000 per annum + 5/10% pen, 25 days, flexi, MSc
Consultant Graham Rowe
Date posted 08 October 2018
Robert Walters United Kingdom
Senior Information Security Analyst - ISO27001, threat, risk, SOx, CISSP, CISM, CISA, GDPR, data privacy, incident
Working with an established information security department, you’ll work under the direction of a highly respected security leader, providing day-to-day security operations. This includes overseeing the delivery of outsourced security services provided by suppliers and acting as the 1st line interface for all incidents.
Based out of Liverpool, you’ll work within an established information security function for this global, data- and digital-driven business. On a daily basis, this organisation balances innovation, creativity and change with safe operating practices and integrity.
The role of the information security analyst is to:
- Provide day-to-day security operations
- Oversee the delivery of outsourced security services
- Act as the primary 1st line interface for all incidents
- Proactively help the business differentiate its services within the market, through security
- Help the business increase profits, whilst reducing reputational, operational, financial and technical risks.
Risks include: nation-state hacking, malware attacks, regulatory compliance, data loss prevention (DLP), risk frameworks and network security.
- Provide the incident management function for all operational security issues on a day-to-day basis.
- Act as the primary risk assessor for all IT projects, and advise on appropriate controls.
- Assess and assist in creating, testing and implementing disaster recovery and business continuity plans.
- Manage out-sourced security service providers.
- Management of the penetration test and remediation process.
- Analyze external threats and incorporate appropriate controls into the Digital Security framework and update information security directives and standards.
- Assist with information security awareness initiatives, including conducting user presentations, conference calls and WebEx sessions.
- Liaise with the legal department and Data Privacy champion to ensure appropriate external requirements are identified, understood, adopted, and maintained.
- Annually conduct a security maturity assessment (or security posture) for the account.
- Coach junior members of the team.
- Deputise for management where required
- Security controls design and operation
- Conducting risk assessments
- ISO27001, SOx (Sarbanes-Oxley), GDPR data privacy
- Technical experience – good level of general IT
- Malware and detection tools
- Tenacity and persistence to resolve incidents
- Strong analytical skills
- Qualifications of interest: CISSP, CISM, CISA, ISO27001
- Excellent salary
- Sponsorship with certifications and MSc
- Pension: 5% employee, 10% employer
- 4x life assurance
- 25 days holiday + bank holidays
- Flexible working arrangements – work from home option
- 2 free lunches/week
- Working with the latest technology within a global security function