Security Analyst required for a leading ecommerce company on a permanent basis.
Salary: Dependent upon experience
- Strong understanding of ISO27001 Framework.
- Technical knowledge of information security compliance (ISO27001), information management and IT security arrangements.
- Have practical experience in undertaking both internal and external ISO27001 related audits.
- Confidence in communicating with key stakeholders at all levels.
- Ability to audit against ISO 27001 security requirements.
- Ability to work independently and able to manage and prioritise workload.
- Technical experience of Firewall administration (CheckPoint), Anti-Virus Services (Sophos), IDS/IPS.
- Familiarity with PCI DSS.
- Practical experience of implementing an Information Security Management System (ISMS) compliance project, in accordance with ISO27001 framework.
- Practical experience in undertaking both internal and external ISO27001 related audits.
- Identifying risks to business information and systems.
- Undertaking risk assessments, risk treatment planning and advising on remediation actions.
- Review and influence company policies and security standards, promoting improvements and best practice
- Work with stakeholders and project teams to complete ISMS compliance.
- Provide security advice and guidance to support technology initiatives being undertaken.
- Improve automation and monitoring of systems.
- Respond effectively to IT Security alerts/incidents.
- Help further develop our Infrastructure security architecture/designs, planning, controls, processes, and standards.
- Patch management of critical infrastructure across the estate.
- Work alongside SME’s and system administrators to validate and remediate identified security vulnerabilities.
About the role:
We have a fantastic opportunity for an experienced Security Analyst who is passionate about their work to join our fast-moving IT Department supporting a highly technically literate user base. The successful candidate will have an excellent understanding of Information Security with supporting experience.
The candidate must be have an ability to quickly analyse and remediate information security threats, implement efficient procedures and have a solid understanding of the technology used such as CheckPoint, Sophos Anti-Virus, Nagios, ZScaler, Nessus and similar. This is a hands on role with potential to engage in assisting on process and architectural design, influencing our future approach to security within an increasingly internationally focused organisation.