Information Security Analyst (GRC, Governance, Risk, Compliance)

Precise Placements Ltd

Posted on Mar 27, 2024 by Precise Placements Ltd
London, United Kingdom
IT
Immediate Start
£80k - £80k Annual
Full-Time

Information Security Analyst (GRC, Governance, Risk, Compliance)

Our leading international law firm client is looking to recruit an Information Security Analyst (GRC, Governance, Risk, Compliance) on a permanent basis to carry out information security tasks, with a focus on support and delivery, as advised and requested by the Head of Information Security (CISO).

Roles and Responsibilities for this Information Security Analyst (GRC, Governance, Risk, Compliance) are:

  • Vendor security assessments in line with ISO27001, NIST, CIS, Cyber Essentials
  • Policy updates/Risk management - tracking creation and review
  • Maintain the information security awareness tool and reporting activity
  • Maintain certification programmes and all coordination activity
  • Create clear business presentations and organisation of documentation and policies.
  • Arrange and support internal and external audit programme activity
  • Document security breaches and assess the damage they cause and support the wider team
  • Work with the security team, the wider IT team and external security partners to perform tests and uncover vulnerabilities, recording and tracking them for auditability and reporting
  • Support remediation activity and vulnerability management to maintain a high level of security in line with information security best practice
  • Maintain company-wide best-practice policy for security, network, software, Wi-Fi, cloud, messaging, etc.
  • Assist in performing penetration testing/monitoring and recording risk and assessment.
  • Technical design authority & project review support
  • Change delivery and security by design
  • Security incident management and support
  • Provide guidance for colleagues to understand information security best practice.
  • Research security enhancements and make recommendations to management where necessary
  • Stay up to date on information technology trends and security standards
  • Comply with all relevant legal and regulatory obligations including the Solicitors Regulation Authority (SRA) Standards and Regulations, and Principles.

Qualifications and Experience required for this Information Security Analyst (GRC, Governance, Risk, Compliance) are:

  • Bachelor's degree in computer science or related field
  • Certified Information Systems Auditor (CISA), or ISO/IEC 27001 Lead Auditor or Implementer qualification with proven experience
  • Experience coordinating audit and risk programmes
  • Certified Information Systems Security Professional (CISSP) would be beneficial
  • Experience in information security risk and compliance
  • Experience with computer network penetration testing and techniques
  • Understanding of firewalls, proxies, SIEM, antivirus, and IDPS concepts
  • Ability to identify and mitigate network vulnerabilities and explain how to avoid them
  • Understanding of patch management with the ability to deploy patches in a timely manner while understanding business impact
  • A background in GRC within technology, preferably in an infrastructure or application support/audit role.
  • Demonstrable experience facilitating IT control audit activities. Relevant IT security or information risk management qualifications (Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), or ISO Lead Auditor or Implementer) would be an advantage for the role.
  • Experience working with large and extended Operational and Engineering teams

Reference: 2740610485

https://jobs.careeraddict.com/post/89469851

This Job Vacancy has Expired!
