I Net Software Solutions
Summary
Data is of paramount importance to our businesses. You will be joining the IT/Information Security Team at Markerstudy and will be making a valuable contribution to our data-centric security strategy. The primary purpose of this role is to support our varied businesses across the Markerstudy Group in actively managing and reducing data security related risk.
You will be a part of a medium sized team, reporting to the IT/Information Security Manager. You will have opportunities to learn new skills and develop.
You will also be involved in supplier and service assurance assessments. This would require a good understanding of compliance and governance standards. Part of the role is also undertaking compliance activities such as reviews of exceptions, mapping of requirements and more. You will be critical in ensuring that industry best practice security standards are implemented across the business.
Key Responsibilities:
The Senior Information Security Analyst will be responsible for:
- Driving PCI compliance (with the support of the rest of the teams/business)
- Representing the IT/Information Security Team as part of data security projects and driving the deliverables of the IT work streams.
- Supplier Assurance assessments where needed .
- Assist the information security manager with risk management
- Performing BAU tasks including:
- Maintenance of exceptions and risk acceptances.
- Reporting on status of information security within the GRC field (audit, awareness, risk etc)
- Advising on policies and other governance
- You may be expected to join the on-call rota for out-of-hours security incident handling in exceptional circumstances.
- Delivery of operational security activities related to the role as directed by the CISO and/or Information Security Manager
- Audit compliance against the organisation’s as well as suppliers’ information security controls.
- Assist with Disaster Recovery and Business Continuity activities.Key Competencies:
- Essential: Understanding risk management.
- Essential: Understanding and experience with managing PCI-DSS compliance.
- Essential: A team player with exceptional personal integrity, willing to take on additional tasks as needed.
- Essential: A solid understanding of compliance standards (GDPR, PCI DSS, ISO27001, Cyber Essentials, etc.).
- Essential: Auditing skills and experience
- Desirable: Relevant security certification (CISSP, CISM, etc.)
- Desirable: Knowledge of security architecture and principles.
- Desirable: Strong technical knowledge in security, infrastructure and applications.
- Desirable: Further Technical certifications would also be desirable.
- Desirable: Experience of carrying out security awareness training.
- Desirable: Knowledge of the ITIL or COBIT framework.Key skills, knowledge and experience:
- Strong stakeholder management and influencing skills.
- Excellent attention to detail.
- Strong prioritization skills.
- Experience with regulated environment, frameworks and ISMS.
- Desire for continuous improvement and personal growth.
- Excellent communication skills, both written and verbal.This position offers an exciting opportunity for individuals looking to advance their careers in information security while contributing to a secure organisational environment.
On-site parking
UK visa sponsorship
To apply for this job please visit findajob.dwp.gov.uk.