This Job Vacancy has Expired!

Information Security Analyst - initial 6 months contract - up to £850pd inside IR35

Posted on Apr 23, 2022 by McCabe & Barton

London, United Kingdom
Immediate Start
£750 - £850 Daily

Initial duration 6 months, expected to run between 12 and 18 months. Hybrid working between home and London/Hove. £750 - £850 per day.


The role holder will support the Senior Information Security Officer in providing oversight of all Information and Cyber Security activities and issues for the Retirement Retail and Investment Business Units. The role will assist in ensuring a mature and systematic approach to security, based on internationally recognised standard frameworks relevant to the company (ISO 27001 and NIST as appropriate), as well as other relevant technology standards.

Principal accountabilities:

  • Understand security control requirements, as defined in the company's security policies, standards and IT control framework, and translate them into architecture patterns and solution designs, to help advise enterprise architects, solution designers, project managers and developers across the business.
  • Maintain awareness of current and emerging security risks and the changing threat landscape, and recommend mitigating solutions to architects, solution designers, project managers and developers to help ensure security enhancements and controls are pro-actively applied.
  • Work with stakeholders to define the scope of penetration tests and analyse any vulnerability findings to ensure remediation actions are undertaken.
  • Assist in the evaluation of third-party suppliers' security maturity due diligence questionnaires and assist with business partners' contracts and security questionnaires during the tender and bid process.
  • Undertake ad-hoc security consultancy and advisory engagements as required across the Business Division, with the ability to work on multiple projects.
  • Ensure security controls are embedded into the cloud environment and that security maturity and management information is available.
  • Review the configuration of existing systems or solutions and identify security issues which require a change to their configuration, provide improvement recommendations and escalate any potential risks to help ensure security risks are pro-actively managed.
  • Lead the security scoping of penetration tests and the assessment of findings, and document and sign off on any change in ratings of the findings based on risk and compensating control factors.
  • Ensure alignment to the company's Customer Experience and Treating Customers Fairly (TCF) policy.

Qualifications, knowledge and skills:

  • Bachelor's degree in an IT-related course (preferred but not essential) or equivalent experience in computer science, IT, business, or a related field
  • An excellent communicator who is able to work with a range of stakeholders
  • Experience with report writing, creating metrics, or risk management desirable
  • Understanding of general security practices such as encryption, IAM and security information and event management, and their supporting technologies
  • Organised with an ability to prioritise workload, meet deadlines, and utilise time effectively
  • Experience in application security from secure design to security testing
  • Knowledge of Secure Software Development Lifecycle and embedding security testing throughout the life cycle
  • Ability to translate complex application and infrastructure security issues into business language
  • Understanding of risk management
  • Able to build and maintain strong stakeholder relations across the business
  • Flexibility and multi-tasking skills essential
  • Adaptable and creative thinker who can collaborate well in a team environment
  • Excellent interpersonal and communication skills, willingness to learn and embrace new solutions and technologies

Reference: 1573816510
