Description
Security Analyst
Whitehall Resources are currently looking for a Security Consultant located in Knutsford for an initial 6 Month Contract.
*Please Note: This role has been deemed as INSIDE of IR35*
Client-focused technical role to support the secure design and implementation of change across a variety of business areas, technologies and platforms.
- Lead and assist with Risk Assessments to highlight and clearly articulate system security risk to the business in terms they understand.
- Assist in design and delivery of Security Solutions services
- Engage and partner with change delivery teams to identify and track security requirements and ensure we maintains a secure environment
The role of the Security Analyst is to deliver Security Solutions' services to ensure appropriate information security assurance is undertaken during the development life cycle.
Key Accountabilities
- Undertake and facilitate information and information security assessments for solutions during various development phases to ensure security weaknesses are identified and correctly managed, proposing solutions as required.
- Ensure the end-to-end information security integrity and quality of solutions and product releases.
- Work with stakeholders to ensure residual risks are adequately mitigated to the degree that meets the risk appetite of the business.
- Timely and accurate recording of client interaction using appropriate systems
- Support for the wider delivery and success of Security Solutions' services
Stakeholder Management and Leadership
- Working with technical and security specialists and the appropriate Business in developing and delivering System security solutions, and achieve high levels of satisfaction as a result
- Establish and manage relationships with key individuals across the business and technology teams to enable awareness and influencing of System security strategy
- Maintain an effective network of relationships with service and technology teams
- Encourage and solicit innovative ideas
Decision-making and Problem Solving
- Able to understand business objectives and translate into supporting information requirements
- Able to analyse multiple data points and information into simple messaging for a senior audience
- Able to apply critical reasoning to technical problems and systems to identify potential threats and absence of safeguards
- Able to interpret client problems and provide potential solutions
Risk and Control Objective
- Ensure that all activities and duties are carried out in full compliance with regulatory requirements, Enterprise Wide Risk Management Framework and internal Policies and Policy Standards.
Person Specification
Personal attributes essential to performing role including competencies, expertise, knowledge, and experience. Note: experience requirements must not be in the form of years (minimum or otherwise).
- Shows integrity while addressing challenging situations
- Actively seeks ways to understand, mitigate or reduce risks
- Ability to work under pressure or within tight timescales
- Freely shares information and experiences and seeks knowledge from others
- Effective at working with guidance in unstructured teams, situations and environments
- Challenges way of operating with a focus on pragmatism
- Demonstrates initiative and competence
- Supports and encourages positive working behaviours in others
- Able to shift well from task to task
Essential Skills/Basic Qualifications:
- Demonstrable understanding of security solutions and designs from a people, process and technology perspective; including security technologies, controls and assessment methodologies
- Good relationship, communication and stakeholder management skills
- Knowledge of information security frameworks and standards such as ISO, NIST, PCI DSS and their application into diverse environments
- Competent to discuss the underlying technology and security controls with product developers.
Desirable skills/Preferred Qualifications:
- Awareness and understanding of our business unit responsibilities and structure
- Knowledgeable about existing best practices for integration of security controls
- Awareness of core development methodologies and their associated technologies
- Security qualification
All of our opportunities require that applicants are eligible to work in the specified country/location, unless otherwise stated in the job description.