An immediate opportunity has arisen for an experienced Information Security Analyst to join our client, a leading bank based in London.
Working within the Risk Management team, you will assist the Information Security Officer in governance and oversight of the information security risk and control environment, ensure that proportionate, relevant and cost-effective controls are well designed and operating effectively, and monitor and report on the status of information security risks.
The role holder must be able to translate the information security risk requirements and constraints of the business into security control requirements and specifications, as well as develop metrics for ongoing performance measurement and reporting.
Key responsibilities of the Information Security Analyst will include:
- Produce high-quality documentation, including management information, security dashboards and reports as required, including but not limited to weekly, monthly and quarterly reports
- Report on the effectiveness of the security controls
- Coordinate with external vendors and security consultants on security projects
- Support internal and external audits by gathering and/or coordinating deliverables for necessary evidence and review
- Analyse and advise on security alerts received from the Security Operations Centre
- Plan, schedule and conduct IT application system user access reviews with minimum guidance and complete these to management timelines.
- Maintain knowledge of emerging technologies and any associated vulnerabilities and risks, and assist with vulnerability management. System vulnerabilities need to be remediated in coordination with IT according to the bank's policies.
Key experience for Information Security Analyst will include:
- Experience of implementing, managing or working with risk management methodologies or common information security management frameworks and standards, such as ISO27001, ISO 31000, CIS, ITIL, COBIT, PCI-DSS or NIST within a regulated environment, performing risk assessments and business impact analysis.
- While technical hands-on experience with IT security solutions such as Firewalls, Data Leak Prevention, Network Access Control, Antivirus, Windows SCCM and Email gateways is not necessary, some understanding of these solutions would be advantageous for the role.
- Proven understanding of user access reviews for IT applications and systems.
- Any of the most common security certifications such as ISO27001 Lead Implementer (LI) or Lead Auditor (LA), CISA, CISM, CISSP etc.
If you have similar Information Security experience to that outlined above and are looking for an opportunity within a progressive and dynamic environment, please forward your CV today.
Randstad Financial & Professional encourage applications from individuals of all ages & backgrounds. Appointment will be made on merit alone but candidates must be able to demonstrate their ability to work in the UK. Randstad Financial & Professional acts as an employment agency for permanent recruitment & an employment business for temporary recruitment as defined by the Conduct of Employment Agencies & Employment Business Regulations 2003