Senior Information Security Analyst

Ref No. 24084
Wales - Swansea
Posted 23 Jan 2023

Overview

Salary: Please contact us

Employment: Permanent

Job description

Looking for a Security role with a company that has a motivating and supportive culture? IntaPeople is working with a Swansea-based tech company to expand the Cyber Security team with a Senior Security Analyst. Ideally, you will have experience in embedding a culture of information security within the daily operation of a business.

About you

  • We’re looking for strong communication skills, with the ability to explain technical terms to non-technical people in a way they will understand; for example, speaking in business language to stakeholders.
  • You’ll have a strong understanding of IT Risk Management, Compliance and Auditing, preferably from a financial services background.
  • You’ll be a self-starter, proactive, inquisitive and driven.

 

About the role:

  • The main focus of the role is to support the management of activities within the team, ensuring that deliverables are met.
  • Work as part of a small team to support the Information Security Manager in the development and maturation of the Information Security function working within the Technology Services department, sitting alongside specialist Governance, IT Security & technical staff.
  • You will contribute to Regulatory Compliance, IT Audit Governance, IT Risks and provide key subject matter resource for the Technology GDPR deliverables.
  • As a member of the IT Governance team, you will be responsible for helping to embed a culture of Information Security within the day-to-day operations of the department, ensuring the Confidentiality, Integrity and Availability of the services provided to the enterprise.

What does this role look like day to day?

  • Leading and performing information security assurance reviews for the core business and group activities, as well as third parties.
  • Leading all internal IT audits.
  • Lead the IT aspects of the annual Group audit and manage the IT Risk Management program, in line with corporate governance requirements.
  • Producing high-quality reporting tailored to the target audience.
  • Provide support to the Information Security Forum. Produce monthly packs and participate in the delivery of the meetings.
  • Produce management dashboards and report regularly to the Information Security Manager to ensure that the aforementioned duties are delivered accurately and on time, supporting successful operational performance.
  • Deputise for the Information Security Manager at internal and external meetings.
  • In the absence of the Information Security Manager, lead the team to make decisions relating to Information Security in order to respond to a variety of demands.
  • Contribute to security-related initiatives such as Internal and External Information Security Audits and Vendor Management processes.
  • Provide guidance and assist business stakeholders with Informational Security enterprise.
  • Contribute to the future Information Security & IT Governance strategy.
  • Help drive and mature the implementation of the ISO27001 ISMS, its ongoing maintenance, and related activities such as internal audits and evidence exercises.
  • Recommend and implement changes in security policies and practices in accordance with legislation.
  • Assist with team development and communicate enterprise-wide information security-related metrics and reporting to all levels, including risk assessments, information security policy/standards approvals and exceptions, and supplier security assessments.
  • Keep abreast of industry trends, emerging controls, and legal and regulatory changes, particularly FCA, Lloyds, PCI DSS and GDPR, and participate in industry forums to ensure compliance with information security trends and standards.

The experience required

  • Knowledge of information security practices and procedures, with a minimum of 3 years' experience in an Information Security / IT Governance role.
  • Strong experience with PCI DSS and ISO27001.
  • Strong GDPR compliance knowledge.
  • Ideally holds certification in one of the industry standards – CISMP, CISA, CISM, GDPR Practitioner, Certified ISMS Risk Manager.
  • Ability to produce management information and reports to an agreed schedule or upon request.
  • Proven presentation and communication skills with multiple levels of an organization, including interaction with senior-level business partners within the company.
  • Strong influencing and relationship management skills – the capability to build and maintain Customer/Supplier relationships.
  • Proven ability to manage multiple high-priority tasks / competing priorities and flexibility to adjust to changing requirements, schedules and priorities.
  • Self-driven and resourceful to achieve goals independently as well as work well in groups.
  • Leadership and/or Mentoring experience

About the benefits:

  • 25 days holiday, plus 8 public holidays
  • Company pension scheme
  • Annual pay reviews
  • 12% Bonus
  • Free on-site parking
  • Development opportunities and additional training


What next?

‘Apply Now’ to be considered or contact Kim for a confidential chat on k.gibbons@intapeople.com

Your consultant

Kim Gibbons

IT Team Lead

Get in touch:

k.gibbons@intapeople.com