IT Security Officer/IT Security Analyst/IT Risk Analyst - Security Audits, Risk Assessments, CISM, CISSP, CySA+, CASP+ etc.; Security Standards. Guildford (2 days per week); Fully remote during pandemic, 2 days per week onsite post-return-to-office. Permanent. c.55k-65k + Benefits
Global Insurance Company seeks an IT Security Officer/IT Security Analyst/IT Risk Analyst to assist in the development and dissemination of information security policies, procedures, and guidelines across the organisation.
This is a Security Analysis role which will require the management of audits, risk assessments and the subsequent management and oversight of remedial actions taken by various software development and DevOps/SysAdmin teams and perimeter defence Network Engineering teams.
The IT Security Officer/IT Security Analyst/IT Risk Analyst will monitor existing IT security controls to ensure compliance with security policies and procedures, identify vulnerabilities, take ownership of core security areas in active processes and projects on the security roadmap, and create security policies which meet modern security compliance standards. This will involve managing the development of security procedures within the specific areas (software, network, production server, DevOps, etc.) and reporting to the Global Security team on the state of these areas.
Day-to-day activities will require you to liaise with various business and technical departmental stakeholders to actively identify and resolve vulnerabilities in the technical environment. You will also need to identify areas for improvement in security policies and procedures relating to multiple enterprise systems and infrastructure environments operated by the corporate entity. You will employ a variety of standards and regulations, such as COBIT, IASME Cyber Security and GDPR, and work to bring systems up to the standards required by the German Federal Financial Supervisory Authority, BaFin (due to the company's presence and profile in Germany).
We are searching for an IT Security Officer/IT Security Analyst/IT Risk Analyst who can bring procedural security knowledge and experience, along with a technical understanding of software, server and network environments and the application of security procedures in line with best practice. You will be an information security professional who holds certifications such as CySA+, CASP+, CISSP, Security+, CISA or CISM, and may have some exposure to frameworks such as COBIT or ISO27001, or have worked to FCA standards or indeed to BaFin standards within financial services. You will be familiar with undertaking risk assessments, reporting results and guidance to technical teams and business stakeholders alike, and working closely with senior-level business stakeholders to disseminate a security-focussed approach. Excellent organisation and communication skills are a prerequisite.
Excellent opportunity to work with one of the world's largest insurance companies, employing cutting-edge technologies dispersed across a global enterprise. Excellent opportunity for career growth and personal development.