Information Security Analyst
Posted on Oct 21, 2021 by CV-Library
Damia Group are recruiting an Information Security Analyst to join one of our key clients - a growing FinTech within the Digital Capital Market space. We are currently looking for an Information Security Analyst where you will play a key role in ensuring the company's security programme keeps up with the growing business.
The role reports to the Head of GRC, contributing to the effective delivery of security processes and tooling to enable proportionate and effective application of security controls. You will be a key part of a growing team in a dynamic company, helping to define new ways of working using modern security architectures and tools.
You will be working closely with IT colleagues, internal stakeholders and third parties to ensure that all information and systems are secure, fit for purpose and protected to an optimal level. We are always evolving and there is a constant stream of exciting challenges and opportunities for us to work towards, together as a team.
Maintain technical security policies and procedures.
Assist the Head of GRC with:
providing technical documentation and responses for client onboarding questionnaires
identifying emerging threats and changes in technology
assessing and managing security incidents and breaches
implementation of information security projects.
Performing technical security audits, both internally and of suppliers, and identifying best practice resolutions
Implementing selected security controls to manage Information Security risks, maintain our ISO27001 certification and meet customer and FCA requirements.
Review information flows, data transfer processes and data transfer records.
Day-to-day running and monitoring of Information Security systems - analyse and interpret outputs to identify security weaknesses and recommend continuous improvements
Responding to Security Incidents, reports and alerts ensuring prompt containment and recovery - strong incident management and response skills required
Be the technical sign-off for all BAU Change Requests
Collate alerts from security tooling, perform triage, prioritise and where appropriate escalate for further action.
Seek out and exploit opportunities for improvement to the group's overall security postureEssential skills and experience:
We are looking for an information security analyst or IT professional with 3+ years of experience working in a technical security role.
The key requirement is an excellent working knowledge of security tooling.
The successful candidate will be a self-motivated individual who can work with minimal supervision and use their initiative to solve complex technical issues.
Hands-on experience with security technologies such as: Security operations, IT 2nd line support, server or network administration / configuration or application testing or development.
Adaptable - whilst this role requires some use of Security Toolsets and a Technical Mindset, you're not expected or required to be an expert in all areas but expected to have a solid understanding and grounding in security principals to adapt to the varied requirements
Passionate about cyber security and keeping up with the latest trends, threats and mitigations
A strong understanding of Information Security best practice for all elements including workstations, servers, cloud, networking, architecture, common protocols and application security
Able to manage own workload, prioritise and meet tight deadlines
Strong Incident Response Management skills including threat and vulnerability analysisDesired
Computer science or IT security related degree, or equivalent certifications and experience.
Understanding of IT Service Management principles, ideally ITIL.
Awareness of Security Frameworks, i.e. Cyber Essentials, ISO 27001, NIST
An understanding of Security Awareness Campaigns and facilitating education
Experience of planning and overseeing regular security penetration testing by Third Parties against new and existing services to identify weaknesses and formulate plans and processes to minimise current and future risk, working with the IT Team to remediate identified issues.
Damia Group Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept our Data Protection Policy which can be found on our website.
Damia Group is acting as an Employment Agency in relation to this vacancy
Set up alerts to get notified of new vacancies.
£45k - £50k Annual
£40k - £50k Annual
£59k - £65.5k Annual
£35k - £40k Annual
£42k - £50k Annual
£40k - £50k Annual
£60k - £70k Annual
£62k - £65k Annual
£60k - £65k Annual