ROLE PROFILE Senior Analyst - Information & Cyber Security - IAM Reports to: Senior Practice Manager Grade: Senior Professional / Technical Job Family: IT Cyber Security Leadership Responsibility Direct Reports0Indirect Reports:0 Regulatory Information: Not Applicable Location: Binley, Coventry. Team-led hybrid working arrangements apply. Working Hours: 35 plus on call ABOUT THE ROLE A Senior Analyst - IAM drives through security good practices as we expand our use of cloud technologies and take on digital transformation initiatives. The role will influence security practices, moulding the future of Coventry Building Society for years to come. The senior analyst will act as a guardian of our technological transformation, ensuring robust security measures in line with regulatory frameworks such as GDPR, FCA, and PRA.
Working in a product-based agile model, the role will advise on the application of identity and access management security controls and policies for business initiatives, addressing any risks and implementing new operational controls and processes where appropriate.
This role is not solely about having the right security background, it requires work collaboratively, and with pragmatism when supporting fast-paced delivery teams. ABOUT YOU
1. Are you passionate about security and want to be part of an innovative forward-looking team? Do you have experience in regulated industries and enjoy being part of a team? If you are a go to person with excellent security ad problem-solving skills; are up to the challenge of working in a financial service Identity and Access Management team, then we want to hear from you.
2. To be a successful member of our team, we need people who are experts in security technologies, governance, and assurance and who also have a drive for change and continuous improvement.
3. A flexible approach to working hours, including being part of a callout rota to meet own objectives and assist colleagues in meeting their objectives.
REQUIREMENTS: Professional qualifications or essential experience required:
4. A security related qualification. CISSP, CISA/M, SANS GIAC.
5. Experience of PCI-DSS
6. Experience of UK Financial Services regulatory requirements
7. Exposure to ISO27001/2 or NIST knowledge.
8. IT security experience.
9. Experience with IAM / PAM tools such as SailPoint, Okta, CyberArk, BeyondTrust or Thycotic.
10. An understanding of IAM frameworks and standards.
11. Experience in implementing strong authentication, authorisation, and accounting controls.
12. Experience within directory services such as Active Directory, LDAP, and Azure AD.
YOUR KEY RESPONSIBILITIES. (Additional detailed performance objectives will be set by your manager) General Profile
13. Perform IT security monitoring, analysis and reporting to ensure that the Society meets our critical compliance requirements.
14. Contribute to and maintain IT Security procedures, standards and guidelines based on knowledge of best practices and compliance requirements.
15. Organises, plans and monitors own time on day to day basis.
People & Relationships
16. Effectively liaise with stakeholders to support project teams and BAU tasks.
17. Where appropriate, report on process improvements to the IT Security Manager.
18. Take responsibility for personal development, seeking help and support where necessary.
19. Adopt a positive and proactive approach with colleagues, showing enthusiasm for the Society's mission and values.
20. Promote process adherence across the Society to achieve a positive service experience for our customers.
21. Develop analytical methods for identifying process adherence; interpret results and present recommendations for improvement.
Governance, Risk & Controls
22. Keep up to date with changes in the information security landscape (threats, regulation, which impact on business areas and factor these into internal monitoring and reporting.
23. Monitor IT security risks and issues related to the systems and processes at the Society, to ensure the IT security controls for the Society are appropriate and operating as intended.
Impact, Scale & Influence
24. Provide subject matter expertise to the Society's colleagues and projects.
25. Conduct security research in keeping abreast of latest security issues.
26. Actively participate in wider, external, information security community.
Decision Making / Problem Solving
27. Provide security oversight and advice to solution designs within the Society's review forums.
28. Respond and lead on the security incident management recovery activities.
Comparable Roles N/A
Carbon60, Lorien & SRG - The Impellam Group STEM Portfolio are acting as an Employment Business in relation to this vacancy.