Information Security Analyst - GRC
- Employer
- NP Group
- Location
- Hertfordshire, England, Hatfield
- Salary
- £55000 - £65000 per annum + Additional Benefits
- Closing date
- 27 Feb 2019
View more
- Sector
- FMCG
- Job Role
- Security Analyst
- Job Type
- Permanent
Information Security Analyst - GRC
Passionate about information security and want to be part of one of the fastest growing tech companies?
This is a diverse security team that is responsible for information security across the whole organisation.
The team deal with security alerts and incidents, they select and manage the security systems, carry out security assessments of new technologies, manage security compliance programs and provide security advice and education to all areas of the business.
Reporting to the Information Security Manager, you will be working across multiple project streams embedding security and ensuring we continually meet and deliver against our information security program.
You will work in an advisory manner on information security matters spanning people, process, and technology collaborating with various stakeholders across the business.
This role is not a technical hands on role, but would suit an individual who has a strong technical background having worked with a range of technology and security tools and is now looking to take the next step on their information security career.
Key Responsibilities
- Contribute to the creation and refresh of information security documents, policies, processes and procedures.
- Work with business stakeholders and project teams to understand, scope and define security requirements.
- Assess and audit internal departments against the information security framework, to ensure standards are continually met.
- Be a champion of the information security program while providing support on compliance programs such as PCI and GDPR.
- Assist in developing control testing strategies, to ensure our security controls are meeting their objectives.
- Perform internal and third party information security risk assessments.
- Supporting Data Protection activities as required.
- Providing effective reporting to the Information Security Manager of trends, audit findings and risk ratings.
Key Skills
- 2+ years' experience in an information security related role.
- Blend the correct balance between self-sufficiency and knowing when to seek assistance.
- Proactive and collaborative approach, comfortable working in a fast paced environment prioritising multiple parallel activities.
- Proven ability to analyse solution designs and assessing the most appropriate security controls, while understanding the risk of certain controls not being place.
- Ability to effectively communicate security risks and impact to various business stakeholders.
- Good technical knowledge of networks and infrastructure including public cloud and technical security controls such as firewalls, IDS/IPS, DLP, SIEM.
- Knowledge of current information security standards, frameworks and regulations such as ISO27001, NIST, PCI-DSS, DPA, GDPR.
- Good understanding of the security community, toolsets and knowledge sources.
- You have already obtained, or are working towards CISSP, CCSK, CISMP, SCCP certification.
Networking People (UK) is acting as an Employment Agency in relation to this vacancy.
Get job alerts
Create a job alert and receive personalised job recommendations straight to your inbox.
Create alert