Connecting to LinkedIn...

Information Security Analyst

Job Title: Information Security Analyst
Contract Type: Permanent
Location: Berkshire, England
Industry:
Salary: Negotiable
REF: RC/P/Informationsecu_1649409792
Contact Name: Rohit Chavda
Contact Email: Rohit.Chavda@projectpeople.com
Job Published: about 1 month ago

Job Description

Information Security Analyst - Permanent - Berkshire

Job Context

The main function of the Security Analyst role is to protect the assets of the organisation by ensuring all people, processes and technology operate in a secure manner. This role is accountable for providing authoritative information security advice and guidance to the business, ensuring our processes, systems, products and services across the business are secure by design, meet security standards and maintain security throughout the lifecycle.

Responsibilities

  • Liaises with stakeholders to elicit, analyse, communicate and validate security requirements as a result of changes to business processes and information systems.
  • In conjunction with Information Security colleagues, assists the business and technical teams through the lifecycle of initiatives and projects to assess the security impact and highlight risk whilst ensuring the implementation of appropriate measures and controls to reduce risk, maintain compliance and provide security assurance.
  • Breaks down complex security requirements into understandable non-functional requirements, making use of plain English, diagrams, process flows and scenarios as appropriate.
  • Advises, supports and guides teams and individuals on security related topics, embedding our security culture across the business.
  • Represents Information Security in business process forums and act as an initial point of contact for security engagement requests, to be triaged and processed accordingly.
  • Develops, manages and maintains Information Security consultancy, engagement and triage processes.
  • Produces weekly, monthly & quarterly progress/status reports.
  • Works with external partners to evaluate security metrics & reporting, providing oversight and decision making.
  • Works in virtual teams collaborating on different aspects of initiatives/projects, ensuring there is security alignment and that the delivered solution has the appropriate in-life security management in place.
  • Supports the ongoing security training and awareness initiatives to embed our security culture across the business.
  • Embraces and drives a continuous learning culture where the development of new skills and knowledge is important to the success of both their and their team's roles.
  • This role works to a weekly/monthly planning horizon.

Experience Required:

  • Demonstrable knowledge of security principles, risk assessment techniques and security control selection.
  • Strong business, technical and security awareness.
  • Experience working in IT Infrastructure and/or Information Security.
  • Demonstrate understanding and application of Information Security management best practices including knowledge of frameworks, policies, standards and guidance (e.g. ISO27001, NIST 800-53, CIS).
  • Ability to lead, make decisions, problem solve and work within teams. Can demonstrate flexibility and agility to move between technical subject matters within the Information Security team.
  • Strong stakeholder management and prioritisation skills.
  • Ability to communicate clearly and present security topics to a wide range of technical, non-technical and senior stakeholders, clearly articulating security concerns and risks in a language that the business understands
  • Self-motivated, proactive and able to manage multiple concurrent deliverables.
  • Able to understand and assess technology systems and applications from both a technical and business function perspective.
  • Strong situational analysis and decision-making abilities
  • Excellent planning and organisational skills

Desirable

  • A professional qualification e.g. CISSP, CISM, CISA, CRISC (or a desire to achieve one)
  • Experience working in an environment where some (or all) security services are outsourced to external third parties.
  • Experience working within a cloud-based technology environment.
  • Experience working in telecommunications and/or within a large mobile provider

Project People is acting as an Employment Agency in relation to this vacancy.