Lead Security Analyst

Applications have now closed

Please visit our main job board to see all our current vacancies.

Lead Security Analyst

Lead Security Analyst London Dockyards Salary up to £70,000 Plus Benefits As an organisation, it's crucial that we handle our customer's data according to our information security policies and standards. Our information security team makes sure we always abide by the Data Protection Act and that any risks are identified and managed well so that our customers can rely and trust us in the way we're using their personal information

Job Description

Lead Security Analyst
London Dockyards
Salary up to £70,000 Plus Benefits

As an organisation, it's crucial that we handle our customer's data according to our information security policies and standards. Our information security team makes sure we always abide by the
Data Protection Act and that any risks are identified and managed well so that our customers can rely and trust us in the way we're using their personal information.

As our lead security analyst, you'll lead and work with a small team to make sure we're doing things right and that we're meeting our obligations on a daily basis. You'll guide stakeholders in a way they can understand and also work with the organisation from a security perspective as we start to deliver more services digitally.

You'll make sure our technical capabilities, including both our internal and perimeter controls like firewalls, end point protection, e-mail and web usage monitoring, are adequate and appropriate for the organisation. We also need to make sure our 3rd party suppliers are doing what they say from a security perspective - so you'll be vetting them and auditing them to check that they're closely following out security policies and procedures.

The Role

" Coordinating the team's internal security audits
" Monitoring all technical security incidents, and managing controls and mechanisms to prevent and minimise risks
" Ensuring our vulnerability management programme is working effectively, and making sure we interpret and deliver the right information to the other IT teams from our scanning solutions
" Playing a lead role in the technical security operations function
" Working with and managing 3rd party suppliers - including negotiating contracts and making sure we carry out due diligence to ensure they remain compliant with our policies
" Performing security risk assessments and flagging issues to the relevant stakeholders
" Shaping and managing a penetration-testing schedule to make sure both our internal and hosted IT systems are secure
" Working with project teams, giving advice on security policies, risk and making sure we always have what we need from a security perspective
" Managing and developing the information security management system (ISMS), taking ownership of important technical policies and standards
" Leading and developing a small team of information security analysts
" Successfully advising from a security perspective on projects and change activity which contributes to shaping the future of the organisation

Experience includes

" Working in a security team or function within a medium-sized or large organisation - you'll have had accountability for major security initiatives
" using excellent communication skills to engage with stakeholders at all levels in a way they can understand
" Scoping and managing penetration tests for a portfolio of systems and hosted services
" Having experience of business continuity and disaster recovery programmes would be desirable
" Having knowledge and experience of vulnerability management
" Being able to work with and manage a small team of security professionals, including coaching and monitoring performance
" Planning and prioritising in a changing, busy environment - caring about achieving results as a team while being flexible and recognising the needs of the organisation
" Building strong relationships both internally and with a range of external stakeholders
" Having a good understanding of ISO27001 and developing an ISMS
" Having a good knowledge of the Data Protection Act and other relevant legislation
" Having a good understanding of access and identity management, and solutions that prevent data leakage
" Knowing about data classification systems would be an advantage
" Holding CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager) or an equivalent qualification would be desirable
" Having risk-management knowledge and an industry-recognised risk-management qualification would be desirable
l

If you would like to talk further please call me on 02392 458 047
Please email your CV

This vacancy is being advertised by Advanced Resource Managers. ARM is a specialist talent acquisition and management consultancy. We provide technical contingency recruitment and a portfolio of more complex resource solutions.

Our specialist recruitment divisions cover the entire technical arena, including some of the most economically and strategically important industries in the UK and the world today. We will never send your CV without your permission

Advanced Resource Managers IT Limited operates & advertises as an Employment Agency for permanent positions and as an Employment Business for contract/temporary positions.

Key Consultant

Claire New

team member 16a

I am an IT security recruitment consultant working with candidates and companies in the data loss and leak prevention sector. I specialise in recruiting professional services, pre-sales and architects and consultant sales. I particularly enjoy meeting and working with new clients and candidates.