Information Security Analyst, London
This exciting global company is looking for an Information Security Analyst with a good knowledge of SANS Top 20 and OWASP to join their growing team.
Your main focus in this role will be to delver information systems, network and application security compliance for them globally. This includes on-going security assessment as well as implementation of agreed actions and activities in response to identified IT security risks.
You will lead accountability, on behalf of the Head of Global Information Security, for systems, network and application security there. Other duties include developing, managing and updating security policies, standards and processes to prevent, detect, analyse, and respond to information security incidents. You will develop information security risk management process to drive risk based implementation of security controls for protection of information systems, networks and applications. Proactively research and develop technical solutions/security tools to help mitigate security vulnerabilities and automate repeatable tasks. Conduct annual compliance reviews and provide comprehensive reports including assessment-based findings, outcomes and propositions to improve SCI information security and data privacy compliance. Analyse and make recommendations to improve systems, network and application security in
global projects. Collaborate with IT Shared Services and IT Architecture & Innovation teams to ensure systems, applications and networks are secure by design. Assist internal and external stakeholders including auditors, when required, with information security questionnaires, audits, reviews, investigations, etc.
The successful Information Security Analyst will have the following skills and experience:
• Degree or diploma in information security or cyber security management / equivalent
• Experience working on ISO27001, NIST CSF or similar standards/frameworks.
• Proven experience in an Information Security role.
• Familiarity with SANS Top 20 and OWASP critical controls requirements.
• Experience of addressing a wide range of IT security challenges in complex IT environment.
• Designing and implementing IT security risks management and contributing to the development and execution of practical cost effective plans to mitigate them.
• Proven experience of working within a distributed IT infrastructure, networking and application environment.
• The capacity to build and maintain excellent relations and to work effectively in a multicultural and multi-ethnic environment respecting diversity.
• Excellent problem solving skills and a proactive, solutions orientated approach
• Strong personal, organisational and self-management skills.
• Strong communication skills in English.
• Ability to understand organizational mission, values, and goals and consistent application of this knowledge.
• Demonstrable work experience driving information security and/or data protection compliance within a not for profit organization would be a plus.
• Experience on Microsoft technologies – Windows Server and Workstation OS (Server 2012/16, Windows 10 etc), Active Directory, SSO, IDAM and Office 365.
• Exposure to ‘field operations' and the IT Security-related issues associated with working in remote, inhospitable and insecure environments.
In return you will be rewarded with a good salary and an exceptional benefits package including 30 days holiday (plus bank hols), generous pension with employer contributions from 5.5% to 13.5%, season ticket loan, cycle loan, child care vouchers and eye tests.
You will get the satisfaction of giving something back by working for an immensely positive organisation that is truly doing so much good. Based in the west end their offices are in a great location with easy access to Leicester Square, Piccadilly and Charing Cross stations.
If this role is of interest, please send your CV immediately!
If you are interested please apply ASAP. The People Network is an employment agency and will respond to all applicants within three - five working days. If you do not hear within these timescales please feel free to get in touch.