We are looking for a new Security Compliance Analyst, duties will include tracking and reporting security metrics, identifying and mitigating security risks, managing security processes like risk assessments and policy deviations, collaborating with other teams on security findings, supporting compliance with frameworks like NIST and ISO 27001, improving compliance efficiency, acting as a security point of contact, and contributing to security awareness programs and policy implementation support.
What you’ll do
* Develop an understanding of the threats, risks, vulnerabilities and evolving attack vectors facing the business.
* Analyse and make recommendations on how to implement consistent and effective security controls and system hardening for existing and new services..
* Working with the wider security team to support the resolution and reporting of penetration and vulnerability testing.
* Assist with monthly security reporting and dashboards, investigating and escalating areas of concern.
* Assist in group security training and awareness campaigns.
* Manage the security review and sign off of technology changes and support the security deviations and issues process.
* Support as needed in the execution and delivery of tasks related to certification reviews (PCI-DSS, ISO27001, Cyber Essentials, etc).
* Support internal and external security audits, presenting responses and supporting evidence to satisfy the request.
* Stay up-to-date on industry trends and security standards.
* Support colleagues with business change requests and other security related queries that arise.
What experience you need
* Bachelors Degree in Computer Science, Information Systems/Technology, Business or equivalent work experience.
* Thorough understanding of information security practices and methodologies
* Experience performing assessments of information security programs
* Familiarity with ISO 27001, PCI and other security frameworks
* Security Certifications such as CISSP, CISA, CRISC,CISM
What could set you apart
* Familiarity with project management, SharePoint and related technologies preferred
* Experience documenting business processes or technical procedures preferred
* Knowledge and experience of Cloud security
#J-18808-Ljbffr