Information Security Analyst

We have an exciting opportunity for a Group Information Security Analyst to join our team based in Wythall with hybrid working available (3 days a week in office). You will join uson a full time, permanent basis, and in return, you will receive a competitive salary, as well as fantastic benefits.

Grafton Group plc is an international trade-focused, multi-channel distributor of construction products. The success of the business is based on the quality of the products it distributes and the quality of the service it provides to its customers. We are one of the leading players in the distribution, merchanting and retailing sectors in the UK, Ireland, Netherlands and Finland.

About the role:

The Group Information Security Analystis a primary contributor to the design, implementation and maintenance of Grafton Group’s Information Security and data protection technology solutions, services, and processes, to ensure that information security risks are effectively managed, in line with business objectives, strategy and risk appetite. The role holder will work to improve Information Security controls in the business, adapting as new security threats emerge and the threat landscape evolves, to reduce the risk of losses to the business.

Key responsibilities of our Information Security Analyst will include

• Maintenance of Information Security technical controls across all Grafton subsidiaries, such as EDR, vulnerability scanning, and security event management. This will include innovative technology solutions to enhance Grafton’s security posture against the rapidly evolving cyber threat landscape
• Support security reviews of third parties who provide IT solutions and/or process data for Grafton Group
• Implementing and overseeing ‘first line of defence’ security operation controls, including access control, security event monitoring, patch management, endpoint threat detection, data leakage prevention
• Participate in the Information Security incident management process, including contributing to process enhancements when needed
• Work closely with Group and business unit IT teams to ensure appropriate Information Security and data protection controls are embedded within projects
• Perform technical analysis and compliance reporting against appropriate control frameworks and international standards
• Providing Information Security technical consultancy across all Grafton business units and support them in complying with Grafton security standards and the Information Security Framework
• Organise technical security testing including penetration testing

What we are looking for in our Information Security Analyst:

• Knowledge of implementing security technology controls, secure configurations, and implementation of security projects
• Excellent written and oral communication skills, with the ability to effectively communicate at all levels of the organisation
• Build and maintain strong, collaborative relationships with technical and non-technical stakeholders
• Ability to carry out high-quality data analysis and formal report writing
• Practical knowledge of Information Security risks management, controls and frameworks (e.g. NIST and PCI-DSS)
• Passion for Information Security and supporting the business in reducing risk, with a proactive attitude toward maintaining up-to-date knowledge
• Knowledge of IT systems, networking principles and associated technology-based security controls
• Knowledge of logical access control management and administration
• Broad knowledge of GDPR and PCI DSS
• High level of personal and professional integrity

Benefits of joining Grafton Group plc 

• Annual bonus opportunity
• 25 days holiday a year (plus bank holidays)
• Holiday buy scheme
• Discount card for Grafton brands
• Salary sacrifice pension contributions
• Health Cash plan – claim money back on everyday healthcare needs and treatments (dental, physio, prescriptions to name a few)
• Share saving scheme
• Company sick pay
• Life assurance
• Cycle to work scheme
• 100’s of retail discounts available through our flexible benefits portal

Click apply today to be considered or to find out more about the Group Information Security Analyst role – we would love to hear from you!