Senior IT Security Analyst

7 days left

Company
Rbw Consulting Limited
Location
Crawley, West Sussex
Salary
From £55,000 to £65,000 per annum
Posted
03 Oct 2020
Closes
31 Oct 2020
Sector
Technology
Contract Type
Permanent
Hours
Full Time
My client is looking to recruit an experienced Senior IT Cloud Security Analyst to join their global team, who will be responsible for the development of the Security Architecture of existing and new IaaS, PaaS, SaaS, and BPaaS components. You will support the development and maintenance of core policies related to the IT and Security environment. The successful candidate will have strong experience in cloud security and an information protection background.
Responsibilities –
  • Communicate and inform all levels of stakeholders about the security plans, requirements and policies. Auditing of the use of Security and other IT procedures to ensure that they meet the compliance, security and good practice requirements.
  • Ensures that third parties and IT functions are following targets for availability, integrity and confidentiality including the periodic review, monitoring and mitigation of supplier controls.
  • Evaluates all major system modifications and development/project requests to determine potential benefits and impact on information security operations.
  • Assists IT functions with their security system design and setup documentation to ensure compliance with the relevant standards.
  • Plans and performs audits of Information Security and other IT procedures.
  • Maintains professional growth and development through seminars, workshops and/or professional affiliations to keep abreast of latest trends in the assigned field.
  • Conduct IT risk assessments and develop the appropriate risk treatment plans. Monitor and ensure the mitigation of residual risks.
  • Act as the primary corporate control point during follow-up on significant information compliance or security incidents, overseeing incident management and the development of response plans and providing timely update reporting. Actively participate in the iSMS process.
  • Collaborate with the IT security and governance team to ensure information security risks in both ongoing and planned operations are properly considered and implemented, so that all compliance matters are being adhered to as required.
  • Develop, maintain and report the key security-related KPIs to support ISO27001 and the IT General Controls (ITGC) framework.
Relevant Knowledge, skills and competencies –
  • BS or MS in Computer Science or equivalent experience.
  • Proven and recent experience for at least 3 years operating IT Security controls in M365 and Azure (Relevant Azure Certifications required)
  • Expertise in information security architecture technologies and concepts.
  • Expertise in the field of information systems security, including areas such as identity and access management, security program policies, processes, and procedures
  • Understanding of emerging technologies and their impact on security architectures: service orientated architecture, enterprise frameworks, message-based information exchange, etc. Experience with Industry controls and frameworks for audit, risk, compliance, security, governance and/or enterprise risk (COBIT, COSO, ISO27001, SOC)
  • Significant experience with global regulatory-compliance frameworks including HIPAA, CALDICOTT, 21 CFR Part 11, EU Data directive and all other applicable laws.
  • Professional security management certification preferred, such as a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other similar credentials
  • ISO27001 lead auditor qualified preferred.
  • Experience with information system disaster recovery planning and testing, auditing, risk analysis, business system resumption planning, and contingency planning.
  • Familiarity or experience with cloud computing, online services, Web applications and enterprise applications including SaaS, PaaS, WaaS.
  • Ability to understand business process flows and to provide recommendations for compliance requirements
  • Ability to apply best practice in troubleshooting, testing techniques, and quality assurance activities
  • Strong knowledge of information security including LDAP, SAML, ADFS, Encryption Protocols, SSL, Certificates, Identity management, Modern Authentication and SIEM.
  • Knowledge of network communications protocols and Firewalls.
  • Exposure to vulnerability and penetration testing as well as Ethical hacking would be advantageous.
  • Proven ability to work effectively with others in a globally dispersed and technically diverse organization.
  • An individual who is organized, detail orientated with good time management.
