This is a Permanent, Full Time vacancy that will close in 25 days at 23:59 BST.
Your opportunity
Due to the continued growth and success of Ridge, the Information Security team is expanding in capacity to meet demand & service across the company. We are looking for two talented Information Security Analysts to sit within the Ridge Technology team. One is designed for someone who has recently finished University or has a deep passion for Security, while the other is for someone with a bit more IT experience looking for their first role in Information Security.
Role And Responsibilities
These roles will play a crucial part within the Information Security and Technology teams, supporting the Head of Information Security to ensure our information systems and data are protected from threats. Responsibilities will cover both technical (with access to the latest security tools) and non-technical (Governance, Risk, and Compliance). No two days will be the same!
Responsibilities will include liaising and working with the 24/7/365 Managed Detection and Response (MDR) service to identify, manage, and resolve security alerts and incidents. You will also perform internal vulnerability scans, understanding the data to identify real risk to the firm, and then work with system owners to mitigate that risk. Additionally, the role will take on responsibility for implementing and maintaining information security standards and measures to protect our infrastructure, systems & information. As part of this, the role will be key in ensuring we renew our current (Cyber Essentials Plus & ISO27001) & future accreditations.
Finally, the role will work closely and in collaboration with the wider technology team at Ridge, business stakeholders, and end users to support and promote information security at all levels. Excellent communication skills will be critical to successfully collaborate with all stakeholders and ensure success.
What you need to do to be effective in this role
* Organise yourself and your ongoing work, ensuring you complete your tasks to a high standard and on time.
* Liaise with both internal and external stakeholders.
* Create and maintain security documents (policies, standards, baselines, guidelines, and procedures).
* Maintain key process documentation for information security.
* Remain informed on trends and issues in the security industry, including emerging threats.
* Promote and drive a culture of security awareness & compliance across the organisation.
* Work with the MDR provider to analyse security alerts & incidents to identify impact & rectify threats.
* Perform vulnerability assessments to identify potential gaps and weaknesses.
* Conduct or assist in security audits to assess compliance.
* Input into & help manage the wider IT risk register holding other areas to account on mitigation plans.
* Input into Change Approval Board (CAB) to ensure governance and security is applied to all changes.
* Identify and suggest improvements in Information Security to the Head of Information Security & the wider business.
* Help understand and develop key Information Security value measures (KPI and OKRs) and targets in our business & show how the function contributes to our overall business objectives.
* Input into the enterprise’s security architecture design to assess current & future requirements.
* Maintain & improve the enterprise’s Business Continuity Plan and Disaster Recovery Plan.
Experience And Skills Required
* Excellent written and verbal communication skills with an ability to communicate effectively with colleagues and non-technical stakeholders.
* Ability to present ideas in business-friendly and user-friendly language.
* Ability to effectively prioritise and execute tasks in a fast-paced environment.
* Previous exposure to IT service governance, risk, and compliance methodologies would be beneficial.
* Educated to Degree level within a STEM subject (preferably Computer Science, Information Security or equivalent) would be advantageous but not essential.
* Gained relevant experience within an IT / Technology role, ideally in Information Security.
* Strong working knowledge & understanding of Cyber Essentials Plus & ISO27001:2022.
* Relevant accreditation in security such as CompTIA Security+ is desirable, but not required.
About us
We are Ridge, a Built Environment Consultancy. We help our clients transform the quality and sustainability of the built environment.
Our 1,000+ people bring a vast range of skills, delivering a professional mindset, gritty discipline, and a genuine passion to every one of the thousands of projects they undertake each year. They’re the foundation of our success - they drive our vision, embody our values, and separate us from the competition.
Come and join us if you’re hungry to be part of an exceptional team - if you put quality first - if you’re motivated by ingenuity and if you’re always aspiring to be the very best.
We believe that everyone performs their best when they feel like they belong and can be their true selves at work. As an equal opportunities’ employer, we will support you to ensure you have everything you need to be successful and achieve your best in your career at Ridge. If you’d like to discuss accessibility, accommodations, or adjustments during your application and selection process, please contact us at workwithus@ridge.co.uk and we will work with you to ensure you feel included and supported.
#J-18808-Ljbffr