Security Compliance Speciaist - Senior Analyst

We are immediately recruiting for a Security Compliance Specialist on a contract basis working for a leading telecom operator based in Maidenhead.

Context

This is a pivotal role in developing and managing our security compliance assessment programme, key 3rd parties and partners.

We want someone who is fun, engaging and easy to do business with, an approachable and trustworthy individual with a keen eye for detail to ensure that the security is the best it can be.

This role forms part of the Risk and Security team. Risk and Security is part of the wider Business Operations function and is accountable for all aspects of security governance and security operations. We are responsible for managing Information Security, Corporate Risk Management, Business Continuity, and Compliance. This includes setting security policies and standards and providing guidance on their implementation, facilitating our compliance with security legislation and standards, managing security incidents and investigations, providing application and infrastructure security monitoring, testing and assurance, access control assurance for critical systems, and security training and awareness.

• You will be assessing internal compliance against established security standards, ISO27001, PCI-DSS and ND1643 Interconnect Standard and support the Security Compliance Lead in driving a security compliance programme.
• You will be responsible for delivering and reporting on the status of all IT audit recommendations raised by Group and Statutory auditors as part of our security compliance programme.
• You will work very closely with our 3rd parties and partners in assessing and driving their compliance to our control standards.
• You`ll be assisting the Security Compliance Lead and Information Security Manager in developing our security & compliance strategy, ensuring it's relevance to our company and further ensuring it is in line with established industry standards and legal & regulatory requirements.
• Working with the Information Security Manager and Risk & Business Continuity Manager, you will prepare a security compliance dashboard for discussion and review at our monthly Risk Board.
• In addition, you will be working cross functionally across our business to ensure all business programmes, projects and activities enhance and do not hinder security compliance levels

Responsibilities

• Assist in the development and implementation of the control frameworks to meet business and regulatory requirements (Legal, DPA, PCI etc), from concept to implementation e.g. controls design, testing regimes and risk treatment plans
• Develop and manage our security compliance programme, metrics and dashboard for monthly business reporting
• Establish our current security compliance baseline and a 3 year rolling business plan
• Perform prioritised security compliance reviews (internally, third parties and partners) to assess compliance against established standards and legal & regulatory requirements
• Articulate findings, recommendations following each security compliance review in a business friendly report
• Monitor the progress of agreed recommendations through our Risk Board activity
• Work with our Group companies to ensure alignment in approach and share best practice
• Assess and monitor compliance against our security policies and processes
• Review activities performed by other internal Security teams to ensure an aligned approach to enhance the level of security compliance

Knowledge and experience

• Significant, demonstrable, experience within a security compliance or security management role
• Proven experience of designing, managing and driving a security compliance programme
• Experience of proactively managing and driving business change through stakeholder engagement and management
• Security Certification such as CISSP, CISM, PCI QSA, certified ISO27001 Lead Auditor or CISA
• Being articulate and capable of explaining technical issues simply both verbally and in writing
• Self-starter with the ability to work independently when needed, and as part of a high performing team
• Strong communication skills, verbal, written and inter-personal communication skills
• Ability to multi-task and work on projects concurrently and under tight deadlines
• Must be detail oriented and customer focused with excellent, prioritisation, time and task management skills
• Enthusiastic, with a drive to continue learning and developing new skills
• Focused on delivering good customer service - responding to requests within required timeframes, proactively providing regular updates, driving rapid resolution of requests

If you are interested in this nice opportunity and feel your profile is a good match then please submit your application online or email direct to loic.menusier@projectpeople.com

Project People is acting as an Employment Business in relation to this vacancy.