Description
The Responsibilities of the Security Analyst include:- Define and maintain the IT Security strategy
- Police adherence to the IT Security strategies
- Manage vendors that are assisting with IT Security initiatives and audits
- Keep up to date with hacking and social engineering techniques and mitigation techniques
- Provide Security training material that can be used internally to educate our staff
- Advise the leadership team of emerging IT Security threats
- Create communication strategies and action plans that can be invoked in the event of an IT Security issue
- Embed a culture that promotes IT Security within the wider teams and vendors
- Formally report on IT Security risks and any breaches
- Find a practical balance between keeping systems secure but not over complicated or unusable
- Establish an information security policy aligned to internationally recognisable standards
- Work with architects to design security into a solution from the outset
- Monitor legislative and security changes and advise on their impact
- Ensure processes are in place to actively identify IT risks and manage them
- Provide regular reports on the security of data and systems
- Scope and organise penetration tests and vulnerability assessments
- Work with banks and payment providers to ensure we meet their security requirements
Desired Skills and Experience
- Minimum of 2 years' experience in an information security role
- Degree level or equivalent
- CISSP/CESG/CHECK/CREST/EC Council
- ITIL Foundation V3
- A good working understanding of security techniques and mechanisms such as:
- Intrusion Detection and Protection Systems
- Generic Firewalls and Web Application Firewalls
- Security Infrastructure
- Network and application security
- Proxy Server and debugging, Anti-Malware
- Denial of Service
- Monitoring, Logging, Alerting and Analysis tools
- Owasp Top Ten and other application vulnerabilities
- PCI-DSS
- ISO 27xxx standards
- Confident and articulate presenter at multiple levels
- Ability to sell and teach security as a benefit
- Unflappable demeanour during incidents
- Approachable style with a passion for continuously improving systems
- Strong planning and organisational skills
- Demonstrable problem-solving and analytical skills