A great opportunity to grow your career AND help launch a leading disruptor in their industry.
Are you an experienced Information Security Analyst looking to build your career whilst playing a pivotal role in creating and implementing security policies for an innovative challenger in their field?
This role will require you to working very closely with the CTO of this leading organisation. You will work to minimise information security exposure whilst enhancing the information security framework.
- Develop and maintain the information security and cyber security framework based in NIST standards with supplement of cyber essentials and CQUEST minimum standards
- Implement the relevant information security controls to protect the environment.
- Assess current technology architecture for vulnerabilities, weaknesses and for possible upgrades or improvement
- Implement and oversee technological upgrades, improvements and major changes to the information security environment
- Serve as a focal point of contact for the information security team and the customer or organisation
- To investigate suspected and actual security incidents in accordance with the security incident management standard, produce reports with recommendations and ensure any remedial action is taken
- Assist in maintaining and improving compliance with security standards
- Assist with external audits from accreditation bodies and customers compliance teams
- Help conduct regular information security risk assessments and determining appropriate mitigation strategies & work with different internal teams to implement risk treatments
- Support vendor and supplier security compliance review processes
- Support the development of information security polices, processes & procedures in-line with company standards and best practice
- Provide support to ensure company staff follow established Information Security Policies and Governance Procedures
- Assist in maintaining and tracking all information security related documentation to ensure they remain relevant, appropriate and up to date
- Provide support and review the penetration test results
The skills required:
- Commercial experience in an information security role managing IT security in a multi-partner, on/offshore banking or financial services environment covering both IT operations and IT Change, preferably gained in more than one organisation.
- Knowledge of the legal and regulatory environment within which financial organisations operate (e.g. FCA, PRA).
- Knowledge and experience of monitoring tools (SIEM, sentinel, azure security centre)
- Proven successful implementation of NIST / Cyber Essentials / ISO27001 compliance implementation, either as part of or leading an implementation programme.
- Experience working with managed technology partners to provide effective Information security and compliance policies/guidelines that have delivered a positive step change in security compliance.
- Knowledge of NIST framework
- Knowledge of PCI implementation, either as part of or leading a PCI programme.
- Strong technical background with strong knowledge of Cloud Infrastructure and technology
- Certified Security Professional (CISSP, CISM, CISA) desirable but is not essential
Whilst the role will be based out of a new central office, interviews and onboarding will be conducted remotely. Longer term, the role will continue to offer a high degree of remote and flexible working with a requirement to be in the office 1-2 days every 2 weeks.
This role also offers an excellent benefits package that include a generous bonus up to 40%.
Ignite Digital Talent are committed to equal opportunities, and welcome job applications from all who are qualified and eligible to work in the UK, regardless of colour, ethnic or national origin, race, gender, sex, disability, age, sexual orientation, religious or political beliefs, marital status or family circumstances.