Information Security Analyst

Ref: 994Wednesday 1 December 2021

Information Security Analyst

Remote UK

We are looking for an Information Security Analyst on behalf of our client who can offer more autonomy, development and training opportunities!

As a key member of the Service Delivery team, you will be ensuring a strong security posture for company’s products and environments. The role will work across all aspects of the software development and product lifecycle from requirements, through to design, implementation and into operation.

The role requires the candidate to have a blend of technical and communication skills, and an eye for detail. You will work with the company’s Information Security Manager and colleagues across the business to ensure our services operate to a high security baseline and meets product and client needs.

 

What you’ll be doing:-

− Creating and executing internal audits

− Carrying out security and risk assessments

− Carrying out supplier and 3rd party audits

− Providing internal advice across the business and working with teams on the security implications of new product features

− Business continuity planning

− Performing monthly control checks

− Producing high quality documentation

− Noticing opportunities and driving enhancements of the company’s information security landscape

 

Essential skills:

− Knowledge and experience in information security, cyber security risks and strategies to counter

Protective Marking: Confidential

− Experience/Knowledge with security concepts such as authentication, encryption, cloud security,  networking (firewall, SIEM, IPS, IDS), operating systems, databases and application security.

− Knowledge and experience of InfoSec certifications (such as ISO 27001)

− Knowledge and experience of relevant data protection legislation and its implications, such as

GDPR

− Experience in the analysis, development and implementation of policies, processes, and controls

 

Desirable Qualifications/Skills:

− Knowledge/experience of penetration testing

− Any relevant qualifications/certifications e.g., CompTIA Security+, CEH (Certified Ethical Hacker),

CISP/CISM etc

− Knowledge/experience of cloud services

− A University degree in numerate, technical, or scientific field.