Collegamento...

W1siziisimnvbxbpbgvkx3rozw1lx2fzc2v0cy9vbgl2zxitamftzxmvanbnl29mzmljzs1izy1pbwfnzs5qcgcixv0
W1siziisimnvbxbpbgvkx3rozw1lx2fzc2v0cy9vbgl2zxitamftzxmvanbnl29mzmljzs1izy1pbwfnzs5qcgcixv0

Technical Security Analyst

Luogo: Brighton, East Sussex
Stipendio: £50000 - £55000 per annum
Postato: giorni 11 fa
Tipologia di contratto: Permanent
Industria: Information & Cyber Security
Nome del contatto: Vinny Hughes
Contatto email: Vinny.Hughes@ojassociates.com

Vinny Hughes

Associate Director

See more of Vinny Hughes's jobs

Technical Security Analyst

Coordinate with third party providers in order to deliver technical security control assessments for Legal and General in the areas of penetration testing, vulnerability scanning, application security testing and firewall assurance. This involves:

  • Scoping of these tests
  • Coordinating the timely execution of the testing schedule
  • Reviewing, prioritising and coordinating remediation of findings and issues

Principal accountabilities

Coordinate with third party providers in order to deliver technical security control assessments in the areas of penetration testing, vulnerability scanning, application security testing and firewall assurance. This involves:

  • Scoping of these tests
  • Coordinating the timely execution of the testing schedule
  • Reviewing, prioritising and coordinating remediation of findings and issues

Conduct IT security control testing and evidence review (e.g. in the area of identity and assess management ) and provide associated improvement recommendations to help ensure controls outlined in the policies and standards are designed and operating effectively.

Engage and coordinate with Group IT and business divisions to facilitate planning and execution of the security testing activities in order to meet testing schedule and internal audit requirement.

Track progress and support control owners to implement remediation actions required to close internal and external audit findings in a timely and effective manner.

Support IT and business transformation projects by performing security assessments and ensuring that controls and security requirements are being implemented through the transformation lifecycle.

Track and prepare reporting on risk metrics for the assurance programme, to help ensure that senior stakeholders within Group IT and business divisions are aware of key vulnerabilities and risks within the organisation.

Education

  • Bachelor's degree (preferred but not essential) or equivalent experience in computer science, IT engineering, or related field
  • A master's degree or equivalent in Information / Cyber Security or Audit would be an advantage

Certification

  • Certificateless Registry for Electronic Share Transfer (CREST) certification is preferred but is not essential
  • Information Security and/or Information Technology industry certification (CISA, CISSP, CISM or equivalent) strongly preferred
  • Member of Institute of Information Security Professionals (M.IISP) or have the qualification, skills and experience to become a member

Knowledge

  • Strong understanding of assurance methodologies and testing protocol
  • Strong understanding of cyber controls and cyber risks to identify and evaluate control effectiveness and identify any potential gaps between cyber risks and existing cyber control
  • Strong understanding of various cyber technologies such as endpoint protection, DLP, insider threat protection, mobile device protection etc.
  • Organised with a proven ability to prioritise workload, meet deadlines, and utilise time effectively
  • Have an eye for detail

Experience

  • Prior experience working in information security is essential
  • Prior work experience in delivery, managing and quality assuring information security assurance activity
  • Experience in managing complex stakeholder relationships
  • Experience in financial service industry is preferred but is not essential

I lavori simili