London

31st December

PURPOSE OF THE ROLE:

This is a full-time role within the GRC (Governance, Risk Management & Compliance) team, supporting information security governance across the organisation. You will support the Head of Information Security in managing all aspects of the information risk, compliance and governance programmes, ensuring that industry standards and best practices are implemented as part of an integrated approach to compliance across the organisation.

KEY RESPONSIBILITIES:

The Information Security Analyst role will assist the Head of Information Security in the following:

  • ISO 27001 and PCI DSS compliance
  • Organisational compliance with Information Security policies
  • Security risk assessments across the group and reporting on ways to minimise threats
  • Information Security audits as per a defined risk-based audit plan
  • Supplier due diligence and assessments
  • Addressing client enquiries (e.g. through questionnaires) related to Information Security
  • Tracking the latest security innovations and keeping abreast of the latest cyber security technologies
  • Information Security incident management
  • Promoting a security culture within the organisation

SKILLS, KNOWLEDGE & EXPERIENCE:

  • 1-3 years of professional experience in Information Security and/or IT auditing
  • A high-level knowledge of industry standards such as ISO 27001 and PCI DSS, network and security technologies and web application security concepts
  • Knowledge of Data Protection best practices and GDPR compliance is desirable
  • Excellent attention to detail
  • Good verbal and written communication skills
  • Ability to make effective use of resources available to complete tasks to agreed deadlines