Information Security Analyst
Remote UK
We are looking for an Information Security Analyst on behalf of our client who can offer more autonomy, development and training opportunities!
As a key member of the Service Delivery team, you will be ensuring a strong security posture for company’s products and environments. The role will work across all aspects of the software development and product lifecycle from requirements, through to design, implementation and into operation.
The role requires the candidate to have a blend of technical and communication skills, and an eye for detail. You will work with the company’s Information Security Manager and colleagues across the business to ensure our services operate to a high security baseline and meets product and client needs.
What you’ll be doing:-
− Creating and executing internal audits
− Carrying out security and risk assessments
− Carrying out supplier and 3rd party audits
− Providing internal advice across the business and working with teams on the security implications of new product features
− Business continuity planning
− Performing monthly control checks
− Producing high quality documentation
− Noticing opportunities and driving enhancements of the company’s information security landscape
Essential skills:
− Knowledge and experience in information security, cyber security risks and strategies to counter
Protective Marking: Confidential
− Experience/Knowledge with security concepts such as authentication, encryption, cloud security, networking (firewall, SIEM, IPS, IDS), operating systems, databases and application security.
− Knowledge and experience of InfoSec certifications (such as ISO 27001)
− Knowledge and experience of relevant data protection legislation and its implications, such as
GDPR
− Experience in the analysis, development and implementation of policies, processes, and controls
Desirable Qualifications/Skills:
− Knowledge/experience of penetration testing
− Any relevant qualifications/certifications e.g., CompTIA Security+, CEH (Certified Ethical Hacker),
CISP/CISM etc
− Knowledge/experience of cloud services
− A University degree in numerate, technical, or scientific field.