Information Security Analyst
- Recruiter
- Confidential
- Location
- Swansea
- Salary
- 35000.00 - 37000.00 GBP Annual
- Posted
- 22 Jul 2022
- Closes
- 19 Aug 2022
- Sectors
- Accountancy
- Contract Type
- Permanent
- Hours
- Full Time
Information Security Analyst (non technical) - partially remote
Do you have experience embedding a culture of information security within the daily operation of a business?
This is a non-technical role which focuses on governance and information security, rather that an IT Security role.
A non-technical role, however you will need to be capable of understanding technical conversations and be able to discuss security and governance with "techies". The role works alongside all levels and departments across the business, supporting, guiding and consulting to help manage IT risk and audit management. Previous experience working in an IT risk or governance role is advantageous, however a candidate who has gained knowledge of information security practices and industry standards within another role will be considered
The Information Security Analyst works as part of a small team to support the Information Security Manager in the development and maturation of the Information Security function. They work within the Technology Services department working alongside specialist IT Governance, IT Security & technical staff. The Business Information Security Analyst will contribute to Regulatory Compliance, IT Audit Governance, IT Risks and provide key subject matter resource for the Data Governance and Technology GDPR deliverables.
In this non-technical role, as a member of the IT Governance team, the Analyst will be responsible for helping to embed a culture of information security within the day to day operations of the business ensuring the confidentiality, integrity and availability of the services provided.
The location for this role is Swansea and the business is currently trialing different patterns of home and office working to determine optimum working arrangements for the future. During the trial period the classification of this role is Hybrid. Typically, this has entailed three days collaborating with colleagues in the office and two days working from home per week.
Reporting to the Information Security Manager your main accountabilities in the role will be to:
Perform information security assurance reviews of the core business and group activities, as well as third parties.
Provide guidance and assist business stakeholders with Informational Security enterprise.
Assist to drive and mature the implementation of ISO27001 ISMS and its ongoing maintenance and related activities such as internal audits and evidence exercises.
Provide support to the Information Security Forum. Produce monthly packs and participate in the delivery the meetings.
Assist with team development and communicate enterprise-wide information security related metrics and reporting to all levels, to include risks assessments, information security policy/standards approvals and exceptions, supplier security assessments.
Provide Data Governance support to the Data Governance Council by holding meetings with business stakeholders to ensure data quality standards are being met, and then produce quarterly packs and deliver the meetings.
Produce management dashboards and regularly report into the Information Security Manager to ensure timely and accurate delivery of the aforementioned duties are undertaken to achieve successful operational performances.
This is a non-technical role which focuses on governance and information security, rather that an IT Security role.
A non-technical role, however you will need to be capable of understanding technical conversations and be able to discuss security and governance with "techies".
The role works alongside all levels and departments across the business, supporting, guiding and consulting to help manage IT risk and audit management.
Previous experience working in an IT risk or governance role is advantageous, however a candidate who has gained knowledge of information security practices and industry standards within another role will be considered
What you'll get in return:
25 days holiday
Discretionary bonus scheme
Employee assistance programme
Annual holiday buy (up to 3 extra days)
Salary sacrifice benefits
Annual benefits reviews
Professional qualifications and study support
The opportunity to work 2 - 3 days per week from home
The successful candidate should have a good mix of the following:
Experience of ISO27001 and working with an ISMS.
GDPR compliance knowledge.
CISMP, CISA or CISM accreditation is preferred, though not essential where competency can be proven through experience.
A confident manner and be able to interact with all levels of the business and be able to build relationships.
Knowledge of information security practices and procedures gained from experience in a Business Information Security/IT Governance role.
The ability to produce management information and reports to an agreed schedule or upon request.
Strong presentation, communication, influencing and relationship management skills.
An understanding of IT risk management.
In return you will receive an annual salary of between GBP35,000 and GBP37,000, an excellent benefits package, good training, an annual bonus and a great working environment although this role offers the opportunity to work partially from home.
Please apply either by using the link provided or by emailing your CV direct to me. Alternatively, you can call for more information on the number shown below.
Easton Haines Consultancy is a specialist recruitment business for the IT industry. No terminology in the advertisement is intended to discriminate against any of the protected characteristics that fall under the Equality Act 2010. For the purposes of the Conduct Regulations 2003, when advertising permanent vacancies, we are acting as an Employment Agency, and when advertising temporary or contract vacancies we are acting as an Employment business.
Please note that, unfortunately, due to the high level of applications, we are only able to respond to those candidates whose CVs match the job requirements.
Please note that by applying for this role you give Easton Haines authority to process your data in respect of this specific role and to notify you of other suitable job opportunities; we will not share your data with third parties without your prior agreement and out Privacy Policy can be viewed on our website
Do you have experience embedding a culture of information security within the daily operation of a business?
This is a non-technical role which focuses on governance and information security, rather that an IT Security role.
A non-technical role, however you will need to be capable of understanding technical conversations and be able to discuss security and governance with "techies". The role works alongside all levels and departments across the business, supporting, guiding and consulting to help manage IT risk and audit management. Previous experience working in an IT risk or governance role is advantageous, however a candidate who has gained knowledge of information security practices and industry standards within another role will be considered
The Information Security Analyst works as part of a small team to support the Information Security Manager in the development and maturation of the Information Security function. They work within the Technology Services department working alongside specialist IT Governance, IT Security & technical staff. The Business Information Security Analyst will contribute to Regulatory Compliance, IT Audit Governance, IT Risks and provide key subject matter resource for the Data Governance and Technology GDPR deliverables.
In this non-technical role, as a member of the IT Governance team, the Analyst will be responsible for helping to embed a culture of information security within the day to day operations of the business ensuring the confidentiality, integrity and availability of the services provided.
The location for this role is Swansea and the business is currently trialing different patterns of home and office working to determine optimum working arrangements for the future. During the trial period the classification of this role is Hybrid. Typically, this has entailed three days collaborating with colleagues in the office and two days working from home per week.
Reporting to the Information Security Manager your main accountabilities in the role will be to:
Perform information security assurance reviews of the core business and group activities, as well as third parties.
Provide guidance and assist business stakeholders with Informational Security enterprise.
Assist to drive and mature the implementation of ISO27001 ISMS and its ongoing maintenance and related activities such as internal audits and evidence exercises.
Provide support to the Information Security Forum. Produce monthly packs and participate in the delivery the meetings.
Assist with team development and communicate enterprise-wide information security related metrics and reporting to all levels, to include risks assessments, information security policy/standards approvals and exceptions, supplier security assessments.
Provide Data Governance support to the Data Governance Council by holding meetings with business stakeholders to ensure data quality standards are being met, and then produce quarterly packs and deliver the meetings.
Produce management dashboards and regularly report into the Information Security Manager to ensure timely and accurate delivery of the aforementioned duties are undertaken to achieve successful operational performances.
This is a non-technical role which focuses on governance and information security, rather that an IT Security role.
A non-technical role, however you will need to be capable of understanding technical conversations and be able to discuss security and governance with "techies".
The role works alongside all levels and departments across the business, supporting, guiding and consulting to help manage IT risk and audit management.
Previous experience working in an IT risk or governance role is advantageous, however a candidate who has gained knowledge of information security practices and industry standards within another role will be considered
What you'll get in return:
25 days holiday
Discretionary bonus scheme
Employee assistance programme
Annual holiday buy (up to 3 extra days)
Salary sacrifice benefits
Annual benefits reviews
Professional qualifications and study support
The opportunity to work 2 - 3 days per week from home
The successful candidate should have a good mix of the following:
Experience of ISO27001 and working with an ISMS.
GDPR compliance knowledge.
CISMP, CISA or CISM accreditation is preferred, though not essential where competency can be proven through experience.
A confident manner and be able to interact with all levels of the business and be able to build relationships.
Knowledge of information security practices and procedures gained from experience in a Business Information Security/IT Governance role.
The ability to produce management information and reports to an agreed schedule or upon request.
Strong presentation, communication, influencing and relationship management skills.
An understanding of IT risk management.
In return you will receive an annual salary of between GBP35,000 and GBP37,000, an excellent benefits package, good training, an annual bonus and a great working environment although this role offers the opportunity to work partially from home.
Please apply either by using the link provided or by emailing your CV direct to me. Alternatively, you can call for more information on the number shown below.
Easton Haines Consultancy is a specialist recruitment business for the IT industry. No terminology in the advertisement is intended to discriminate against any of the protected characteristics that fall under the Equality Act 2010. For the purposes of the Conduct Regulations 2003, when advertising permanent vacancies, we are acting as an Employment Agency, and when advertising temporary or contract vacancies we are acting as an Employment business.
Please note that, unfortunately, due to the high level of applications, we are only able to respond to those candidates whose CVs match the job requirements.
Please note that by applying for this role you give Easton Haines authority to process your data in respect of this specific role and to notify you of other suitable job opportunities; we will not share your data with third parties without your prior agreement and out Privacy Policy can be viewed on our website