Senior Information Security Analyst


Premium Job From Hargreaves Lansdown

Recruiter

Hargreaves Lansdown

Listed on

28th October 2016

Location

Bristol

Salary/Rate

Excellent

Salary Notes

Excellent

Type

Permanent

Start Date

ASAP

This job has now expired please search on the home page to find live IT Jobs.

The Senior Information Security Analyst (SISA) is a key role in the Information Security team which will involve deputising for the Chief Information Security Officer (CISO) when required. The SISA engages with the business to deliver embedded security and has a broad knowledge of technical security controls. They must also have a good level of understanding of IS risk management and the compliance requirements of standards, including at minimum PCI-DSS and ISO27001.

The SISA helps the CISO in the improvement of the ISMS and takes a key role in ISMS maintenance. The role involves ensuring that Information Security Risk management is embedded throughout the whole of Hargreaves Lansdown, as well as working to continuously improve the overall security culture for the organisation.

Key Duties and Responsibilities:

- Managing a programme of continuous internal and 3rd party security assessments;

- Taking a key role in defining Security Policy and associated processes;

- Working as part of the project delivery lifecycle to help ensure projects deliver secure solutions that meet defined security principles;

- Performing a lead role in the delivery of the information security awareness and training program;

- Carrying out third party security reviews and audits;

- Co-ordinating the annual compliance programme, for example PCI-DSS;

- Working as part of the security incident response escalation process, taking remedial action if required;

- Managing on-going access reviews and ensure authorisation of access changes occurs.

Essential Skills and Attributes:

- CISA/CISM or equivalent

- PCI-DSS, ISO27001, access controls, web application security, data classification and handling, 3rd party security, and cryptographic techniques

- Three to five years working in a security related role in a medium to large organisation

- Security Compliance Reviews, security incident response, delivery of security training/awareness programmes; security access reviews

- Proactive, good communication skills across all levels in an organisation, able to work autonomously, able to deliver results through others, pragmatic, high levels of initiative, innovative

To apply please click the APPLY button.

You are currently using an outdated browser.

Please consider using a modern browser such as one listed below: