Information Security Analyst
: 12 Month Fixed Term Contract
Secure IT infrastructure is the foundation for many business-critical systems and is required to guarantee services can be delivered securely to our customers.
The Information Security Analyst will be responsible for design, support, management and evaluation of the security systems that protect systems and data, working closely with the IT infrastructure team on system setup and configuration.
The Analyst will analyse and respond to software and hardware vulnerabilities, and work alongside the wider IT team to maintain IT security compliance and best practice. Whilst addressing vulnerabilities, security procedures will be followed and developed further to ensure the business is operating an optimal security environment.
This person will be a key information security representative and contributor to business projects, ensuring solutions are designed securely from project inception, through the project management lifecycle. They will assist in the delivery of committed obligations (COs), contributing technical security expertise and ensuring compliance to ISO27001 standards.
Develop and maintain information security policies and procedures, ensuring that effective controls and reporting mechanisms are in place.
Ensure computer networks are monitored for security issues and penetration tested as required. Respond proactively to any issues identified and regular security KPI reports for IT senior management to highlight key security risks.
Investigate security breaches and other cyber security incidents performing analysis to document risks and create incident reports.
Work closely with the Infrastructure team on system design, implementation and then perform regular tests to uncover network vulnerabilities, ensuring at all times systems confirm with security compliance policies and standards.
Interact with project teams ensuring information security is built in to system design and any issues are responded to throughout project management lifecycles.
Regularly review the business’s infrastructure in relation to ISO27001 and NIS-D compliance and identify risks of non-compliance, working with the Infosec manager to develop remediation plans.
Recommend changes in line with legal, technical and regulatory information security guidelines and requirementsBack to Jobs