Information Security Analyst
Posted on Jun 20, 2019 by CV-Library
A bit about us
Bupa is one of the most well-known and respected healthcare businesses in the world, because what we do matters. From our contact centres to our care homes; health and dental centres to our state of the art hospitals across all four corners of the globe, every part of our operations are dedicated to our purpose of helping people live longer, healthier, happier lives. We pride ourselves on working with brilliant people who put our customers at the heart of everything they do.
About the area you’ll be working in
From Finance and IT, to Marketing and People (HR) our support functions are the backbone of our UK operations. We may not deal directly with our customers, but we play an absolutely vital role in making sure that our customer–facing teams get all the support they need to deliver the very best service.
What you'll be doing
You will safeguard the confidentiality, integrity and availability of Bupa information and data, and the security of Bupa infrastructure and application. You will provide IT Security consultancy and guidance to IT Shared Services UK, its internal and external customers and suppliers to ensure business needs can be delivered in a secure manner, adhering to Information Risk policies and standards. You will act as advocates for the Information Security and Governance function ensuring its vision and objectives are clearly articulated, understood and delivered. You will Undertake security assurance activities relating to programmes and projects; Information Security risk assessment and analysis; and perform other Security Management activities including governance, compliance, strategy and awareness. You will assist with the co-ordination of response to information security incident e.g. through impact analysis and remediation planning and co-ordination
What’s a typical day?
You will provide advice, guidance and policy interpretation to a wide audience of internal and external entities (teams, projects, suppliers, customers and partners). You will provide detailed technical standards content, based on established security policies and practices. You will obtain and act on vulnerability information and conduct security risk assessments, business impact analysis and accreditation on complex information systems.
Contribute to the investigation of major breaches of security, and recommend appropriate control improvements. You will Review information systems for compliance with policy, standards and regulatory requirements and specify any required changes. You will Responsible for provision of interpretation of security testing output, where required, to assist in prioritisation of remediation activity. You will define the plan for penetration testing. You will provide security consultancy for business as usual activities and to ensure that security related capabilities are fit for purpose and in line with the agreed operating model and risk appetite. You will Ensure that security requirements are specified, appropriately reflected in design documents, and supported in deployment by the appropriate tools, processes and metrics. You will provide detailed, expert level advice and guidance on technical security tools and processes required to support or further develop organisational security capabilities. You will Implement stakeholder engagement/ communications plans, including, for example; handling of complaints; problems and issues; managing resolutions; corrective actions.
Who we’re looking for?
* Good experience and knowledge of Information Security management, ideally with a technical degree and /or industry recognised qualifications (e.g. CISM, CISA, CISSP, GEGIT, QCA).
* A sound understanding of British and International Security Standards (e.g. ISO/IEC 27001, ISO/IEC 27002) relevant Privacy legislation (especially Data Protection Act 1998) and regulatory obligations (e.g. PCI/DSS, FCA, PRA).
* Knowledge of process improvement and project management methodologies
* High interpersonal skills to enable partnership with IT and business stakeholders operating at all levels within the organisation.
* Knowledge of security architecture and design; experience of developing security requirements and ensuring these are adequately specified, represented in designs, and implemented in deployment.
* Knowledge of security policy implementation and deployment; experience of creating technical security standards based on established policy objectives and requirements.
* Knowledge of corporate procurement and tendering processes; experience of specifying security requirements in contract schedules.
* Knowledge of security process and control assurance; experience of providing assurance to customers, and gaining assurance from suppliers.
* Knowledge of current security tools, processes and techniques; experience of deploying tools, processes, training to demonstrate measurable security benefit.
What’s it like to work here?
As you’ll already know, we want people to ‘love working here’, so much so that’s it’s at the top of our agenda and something you’ll hear a lot about here at Bupa. We offer our people a great range of benefits, many of which are flexible and can be tailored to suit what’s most important to you. We’re a healthcare company so there’s a huge focus on our people’s health and wellbeing, supported by a healthy work-life balance and workplaces which are friendly, appealing spaces to support you to be at your best.
Our Staines office has good access from local motorways and it’s just as easy to get the train here as there is a free shuttle bus to and from the station, or if you prefer to walk its only 20 minute’s.
We’re driven by one purpose, helping people live longer, healthier, happier lives and that that means our people too. As a Bupa employee you’ll be entitled to some fantastic benefits which include 25 days holiday increasing to 30 days as your length of service increases, the option to buy and sell holiday, an enhanced pension plan, life assurance and income protection. You’ll join our annual bonus scheme, amount variable dependent upon your role and performance. Looking after your health is important to us and you can benefit from our health trust scheme where all our people have the option of taking our market-leading medical insurance cover, which includes mental health support and treatment, at a greatly reduced price as well as a free health assessment every 2 year. Your health and wellbeing matter to us and we provide lots of family friendly policies too. You can keep fit at our free onsite gyms (local gym discounts where no onsite gym). We will support you to get to work, offering a season ticket loan to spread the cost of an annual train/bus ticket as well as our cycle to work scheme.
We’re an inclusive organisation that celebrates diversity and welcomes everyone – all talents and backgrounds. Bupa strives to make sure that every applicant is assessed solely on the basis of personal merit and qualifications, regardless of gender, sexual orientation, pregnancy or maternity, marital or civil partner status, gender reassignment, race, colour, nationality, ethnic or national origin, religion or belief, disability or age