Upgrade Post project

Security Analyst

Birmingham  ‐ Onsite
This project has been archived and is not accepting more applications.
Browse open projects on our job board.

Keywords

Network Security Communication Analysis Foundation Information Security Application PCI-DSS IT Security Design

Description

The Responsibilities of the Security Analyst include:
  • Define and maintain the IT Security strategy
  • Police adherence to the IT Security strategies
  • Manage vendors that are assisting with IT Security initiatives and audits
  • Keep up to date with hacking and social engineering techniques and mitigation techniques
  • Provide Security training material that can be used internally to educate our staff
  • Advise the leadership team of emerging IT Security threats
  • Create communication strategies and action plans that can be invoked in the event of an IT Security issue
  • Embed a culture that promotes IT Security within the wider teams and vendors
  • Formally report on IT Security risks and any breaches
  • Find a practical balance between keeping systems secure but not over complicated or unusable
  • Establish an information security policy aligned to internationally recognisable standards
  • Work with architects to design security into a solution from the outset
  • Monitor legislative and security changes and advise on their impact
  • Ensure processes are in place to actively identify IT risks and manage them
  • Provide regular reports on the security of data and systems
  • Scope and organise penetration tests and vulnerability assessments
  • Work with banks and payment providers to ensure we meet their security requirements


Desired Skills and Experience
  • Minimum of 2 years' experience in an information security role
  • Degree level or equivalent
  • CISSP/CESG/CHECK/CREST/EC Council
  • ITIL Foundation V3
  • A good working understanding of security techniques and mechanisms such as:
    • Intrusion Detection and Protection Systems
    • Generic Firewalls and Web Application Firewalls
    • Security Infrastructure
    • Network and application security
    • Proxy Server and debugging, Anti-Malware
    • Denial of Service
    • Monitoring, Logging, Alerting and Analysis tools
    • Owasp Top Ten and other application vulnerabilities
    • PCI-DSS
    • ISO 27xxx standards
  • Confident and articulate presenter at multiple levels
  • Ability to sell and teach security as a benefit
  • Unflappable demeanour during incidents
  • Approachable style with a passion for continuously improving systems
  • Strong planning and organisational skills
  • Demonstrable problem-solving and analytical skills
Start date
02/2016
From
Computer Futures
Published at
30.01.2016
Project ID:
1061001
Contract type
Freelance
To apply to this project you must log in.
Register