Information Security Analyst

Posted 10 December 2018 by Serco
Ending soon

Serco is a FTSE 250 international service company which combines commercial know-how with a deep public service ethos.  We improve services by managing people, processes, technology and assets more effectively. We advise policy makers, design innovative solutions, integrate systems and - most of all - deliver to the public.  Serco supports governments, agencies and companies who seek a trusted partner with a solid track-record of providing assured service excellence. Our people offer operational, management and consulting expertise in the aerospace, defence, education, health, justice and immigration, local government, science, technology, transport and the commercial sectors.

Information Security Analyst – Justice and Immigration

Bloxham, Oxfordshire - OX15 4LJ

The Information Security Analyst will take operational ownership of all information security management processes within contract, ensuring certification and / or network accreditation to a standard which will eventually allow the whole of J&I to be certified and within certification scope.

There is no current resource(s) in place within specific contracts dedicated to information security in the J&I arena. With the implementation of GDPR and the re-bid of contracts over the next few years, Serco need to be able to demonstrate compliance with GDPR and contractual requirements against security standards and accreditations as detailed in customer contracts.

Key Accountabilities

The Information Security Analyst will be required to take operational ownership of all information security management processes within a specific contract, including:

  • Information security risk management.
  • Information security incident management.
  • Information security assurance activities.
  • Establishment and management of an Information Security Management Forum
  • Support the ICT system accreditation where required in the contract.
  • Support ISO/IEC 27001 certification.
  • Support a variety of projects and design activities, including:

    Security factors such as HMG policy and good practice, assurance requirements, technical requirements, recommendations of security technologies and controls, physical security requirements, Personnel and / or procedural requirements. Body Worn cameras.

    Essential technical and professional skills, knowledge and qualifications

  • ISO27001:2013 Lead Auditor / Lead Implementer
  • Relevant security qualification eg: CISM / CISSP / CISA
  • Strong knowledge of ISO 27001:2013 and GDPR
  • Experience working with an ISO 27001:2013 certified management system
  • Strong knowledge of current Information Security threats and trends
  • Exceptional communicator to all levels of the organisation
  • Experience of training personnel with different competencies
  • Strong stakeholder management and organisation skills
  • Experience of internal auditing

Reference: 36807579

Bank or payment details should not be provided when applying for a job. is not responsible for any external website content. All applications should be made via the 'Apply now' button.

Report this job