Information Security Assurance Analyst
Overview:
Our client is looking for an Information Security Assurance Analyst Operations. The aim of this role is the effective operation, reporting and evidencing of their technology and information security control environment and the overall Information Security Management System (ISMS).
- Based in Reigate/hybrid - 2 days in the office, 3 from home
- £40,000 - £45,000
- Hybrid
- Eligibility for annual bonus, up to 15%
- 25 days holiday per annum, plus bank holidays
- Company pension scheme
- Death in service benefit
- Employee Assistance Programme
Job specification:
Maintaining and improving our ISMS
Updating ISMS policies, procedures, standards, and guidance
Coordinate and provide necessary support in planning and completing internal ISMS reviews.
Supplier onboarding and annual supplier security assessments
Maintaining and developing our security awareness and education programmes
Analysis of information security alerts and incidents
Report on incidents, risks, threats and vulnerabilities
Scheduling internal and external penetration and vulnerability tests and managing remediation planning
Assist in evaluation of cyber security tools
Manage online ISMS system.
Assist the ISM to deliver Information Security projects
Participate in technology and information security related audits, providing support regarding the collation and supply of evidence to requests.
Ensuring information security controls are evaluated and effective
Identifying ISMS nonconformities
Respond to audit recommendations.
Establish a good working relationship with all internal and external key stakeholders, and third-party vendors.
Create reports on information security projects and activities
Report on information and cyber security incidents
Create ISMS reports based on key metrics
Articulate associated risks in both technical and non-technical terminology.
Support the on-going review process to continually improve and refine the ISMS
Support the ISM in performing targeted information security risk assessments.
Identify risks, incidents, and breaches, in accordance with company policies and department procedures.
Person specification:
Appropriate level of education or professional risk/compliance/Information Security related qualifications
Experience within technology risk management and/or audit function would be beneficial
Experience of working in a regulated environment / awareness of requirements such as GDPR
Experience in the maintenance of a certified ISO27001 Information Security Management System and related controls (ISO27002)
Understanding of technology and information security risk management frameworks
Excellent verbal and communication skills
Excellent team player who can establish strong working relationships
Graduates can be considered if they have a relevant degree
Refer a friend and earn £100! If you have a friend who is also searching for a new opportunity in the local area, recommend Optima and if we place them (providing they complete their 3-month probation period), you will receive a £100 retail voucher of your choice!
Please note that if you have not been contacted within 5 working days, then unfortunately on this occasion your CV has not been shortlisted.
By applying for this vacancy, you accept Optima Recruitment Limited’s Privacy and GDPR Policy, which can be found on our website, and therefore give us consent to contact you.
Optima Recruitment Limited are acting as a recruitment agency in relation to this vacancy and are an equal opportunities employer.
- Company: Optima Recruitment
- Location: Reigate, Surrey, England, United Kingdom
- Employment Type: Full-Time
- Salary: £40,000 - £45,000 per annum
- Posted