Senior Information Security Analyst- ISO27001, threat, risk, SO
Salary £40,000 - £60,000 per annum + 25 days, 10% pen, cert sponsor
Consultant Graham Rowe
Date posted 26 February 2019
Liverpool, Merseyside, GB
Robert Walters https://www.robertwalters.co.uk
Senior Information Security Analyst- ISO27001, threat, risk, SOx, CISSP, CISM, CISA, GDPR, data privacy, incident
Working within an established information security department, you’ll work with leading security peers to use security as an enabler and a differentiator for the business, increasing profits and driving down risk.
- Security function regarded as integral to the organisation’s success
- Security programs seen by the board, with protected budgets
- Industry leading tools and cutting-edge technology
- Organisation showcased by Microsoft at exhibitions to illustrate Microsoft suite capabilities
- Working with industry authorities developing standards and guidelines, which will affect the whole industry
Based out of Liverpool, you’ll work within an established information security function for this global, data and digital driven business. Daily, this organisation balances innovation, creativity and change with safe operating practices and integrity.
The role of the information security analyst is to:
- Support day-to-day security operations delivered by their out-sourced service provider
- Primary 1st line interface for all incidents, ensuring lessons learnt and gaps are identified
- Ensure systems are secure, by reviewing designs and providing advice and guidance on design, deployment and controls.
- Proactively help the business differentiate its services within the market, through security
- Assist the business to increase profits, whilst reducing reputational, operational, financial and technical risks.
- Risks include: nation-state hacking, malware attacks, regulatory compliance, data loss prevention (DLP), risk frameworks and network security.
- Provide the incident management function for all operational security issues on a day-to-day basis.
- Act as the primary risk assessor for all IT projects, and advise on appropriate controls.
- Assess and assist in creating, testing and implementing disaster recovery and business continuity plans.
- Manage out-sourced security service providers.
- Management of the penetration test and remediation process.
- Analyze external threats and incorporate appropriate controls into the Digital Security framework and update information security directives and standards.
- Assist with information security awareness initiatives including conducting user presentations, conference calls and WebEx sessions.
- Liaise with the legal department and Data Privacy champion to ensure appropriate external requirements are identified, understood, adopted, and maintained.
- Conduct an annual security maturity assessment (or security posture) for the account.
- Coach junior members of the team.
- Deputise for management where required
- Security controls design and operation
- Conducting risk assessments
- ISO27001, SOx (Sarbanes-Oxley), GDPR data privacy
- Technical experience – good level of general IT
- Malware and detection tools
- Tenacity and persistence to resolve incidents
- Strong analytical skills
- Qualifications of interest: CISSP, CISM, CISA, ISO27001
- Excellent salary
- Sponsorship with certifications and MSc
- Pension: 5% employee, 10% employer
- 4x life assurance
- 25 days holiday + bank holidays
- Flexible working arrangements – work from home option
- 2 free lunches/week
- Working with the latest technology within a global security function