We have a very exciting opportunity for an Information Security Analyst based at our client site in Oldham, Greater Manchester. This is a fantastic role managing our client's Information and Cyber Security Controls and procedures across Europe.
Reporting to the CISO & Head of IT, the role will require in-depth understanding of Information Security, technology architecture and business security. This is a great opportunity for someone looking to further establish their IT Security knowledge and skills in an environment that provides autonomy and support in equal measure.
Role
To create, administer & maintain policies, standards and templates, following ISO27001, CIS and NIST best practices; creation and upkeep of Incident Response Plans, Disaster Recovery, Business Continuity, along with the planning and execution of tabletop exercises to test the robustness of these policies.
Plan for disaster recovery and create contingency plans in the event of any security breaches.
Act as DPO Ambassador for the group DPO; liaising with stakeholders across the business, aiding in the creation of ROPAs and engaging with the Bpost privacy network group.
Coordinate analysis of identified vulnerabilities and patch releases to ensure a risk-based approach is taken for remediation.
Investigate security alerts and provide incident response.
Monitor and maintain identity and access management.
Liaise with stakeholders, up to C-level, in relation to cyber security issues and provide future recommendations.
Experience
1-2 years' experience of implementing ISMS and cybersecurity best practices and certifications such as ISO27001, Cyber Essentials, NIST, CIS or PCI.
Awareness of GDPR (General Data Protection Regulation) framework and best practices.
A broad understanding of the current cybersecurity threat landscape, existing and emerging technologies.
An understanding of the principles of physical, virtual and cloud architectures (IaaS, SaaS, PaaS) for systems and networks.
Good knowledge of ITIL service management processes.
Qualys Vulnerability Scanning.
Recognised Information Security qualification (Security+, CISSP or similar).
A broad range of technology experience (Private and Public cloud Infrastructure, Networking (Cisco, Fortinet), Microsoft, Linux, etc.).