Purpose of the role:
Our client is looking for an Information Security Risk Analyst to add value across their teams, proactively partnering with the business to continually assess and identify potential risks, evaluating these to ensure that they are appropriately mitigated through properly implemented policies, procedures, training, systems and controls.
Responsibilities:
- Review and maintain Information Security policies
- Assist with evaluation, implementation and management of new Information Security initiatives
- Support compliance with ISO27001 certification
- Manage and maintain the Information Security Asset Management program
- Provide targeted training to business units in support of the Information Security awareness campaign
- Monitor and review IT security controls to identify operational effectiveness
- Define and report regularly on Information Security metrics and KPIs
- Assist with log management - review, alerting, investigating and escalating as appropriate
Skills required:
- Minimum of 3 years' practical experience of operating within an Information Security role
- Involvement with compliance monitoring programmes and carrying out reviews testing adherence to laid down procedures
- Technically strong with good IT ability - including a minimum of a working knowledge of Microsoft suite
- Excellent relationship management skills = proven experience of building internal and external relationships, through strong interpersonal and team working skills