Description
Title: Information Security Analyst
Contract: 6 Month Rolling
Rate: Negotiable
Location: Tonbridge, Kent
About Technology
The Technology function within the Technology, Finance and Investment Admin department provides IT services to the International business, globally. These include the development and support of business applications that underpin our revenue, operational, compliance, finance, legal, and marketing and customer service functions. The broader organisation incorporates Infrastructure services that the firm relies on to operate on a day to day basis including data centre, networks, proximity services, security, voice, incident management and remediation.
Information Security Risk Management is part of the Information Security & Risk Management organisation within Technology. The department is responsible for governance of company wide Information Security through risk assessments, policy control, standards compliance, exceptions management and security awareness and training.
Purpose of your role
The Information Security Analyst is responsible for supporting the Information Security Officer in managing the security risk effectively. The role is responsible for introducing new, updating old, and maintenance of Information Security Polices and Standards and helping to integrate them into new security technology and tools, as well as simplifying them for easier understanding by the infrastructure and business teams.
Your key accountabilities
Policy management
- To develop new and updated policies and standards to govern new project and service implementations such as :
- Mobile Platforms - customer facing
- Anywhere - mobile technology and services for staff
- PaaS
- Cloud Services & Cloud Security Gateway
- Cyber Defence Operations
- PKI
- Tripwire
- Siteminder
- Investment Platforms
- To assist in integrating these controls into CCS, Sentinel and other security tools
- To help simplify the policies and standards by removing redundant and duplicated controls
- To provide simple summary documents or guides to help infrastructure and business teams understand the meaning behind the standards
- To introduce the new and updated standards through adherence to proper governance procedures
- To publish the new and updated standards on the Information Security Risk Management website
Liaison
- Liaise with technical groups in technology as well as oversight functions
- To build relationships and work collaboratively with colleagues in India and Asia
Your skills and experience
- 3 years' experience in Information Security
- A detailed working knowledge of information security policies, standards, controls and frameworks in the investment/banking sectors.
- Experience of working in an ISO 27001 accredited, international organisation will be of benefit.
- A good communicator/presenter who gains the confidence of key stakeholders.
- Commitment to high standards of excellence and integrity.
- Resilient, energetic and enthusiastic; able to work under pressure
- Excellent PC skills, especially MS Office and SharePoint.
- Ability to multi-task and prioritise workload with a keen attention to detail.