Information Security Analyst

This position will work alongside the current Network/infrastructure teams to define Information Security requirements, for a range of developments of security infrastructure and capabilities.

* Managing and conducting supplier risk assessments including report output and recommendations.

* Reviewing proposed additions or changes to infrastructure that impact security or compliance.

* Advising & supporting management on Compliance and Security issues.. Assisting with ensuring that CIO as a reporting entity meets appropriate security standards in line with requirements set out by Sarbanes Oxley Legislation (conducting SOX IT control procedures).

* Assisting in remedial action taken as a result of failures from a security or governance perspective

* Providing guidance and support to Affiliates on IT security or governance related topics, where necessary.

* Producing monthly & quarterly progress/status reports.

* Assisting with incident management and investigation.

* Liaising with external vendors to ensure products meet baseline security requirements as defined by policy.

Business experience:

Three years solid experience in a role of this type

* Extensive understanding of Information security management best practices, including knowledge of policies and standards (ISO27001 and BS7799)

* An in depth knowledge of network security management technologies including Firewalls, Cisco, Databases, Unix, Windows and Middleware.

* Must have the ability to coordinate and manage a number of IT Security related projects.

* Must be capable of providing easy to understand documentation and training materials supporting the security infrastructure and associated security capabilities skills in vendor risk assessment and assurance