Senior Information Security Analyst

Senior Information Security Analyst
15-month FTC
London/Hybrid
To £100k plus bonus plus Benefits

ISO27000, NIST, Risk, IT Security

Senior Information Security Analyst is required for a 15-month maternity cover at prestigious financial services organisation. This role will join their Information Security Risk team within the Group Risk Function. This is a supervisory role managing a team of two Information Security Analysts.
Key Responsibilities:

• Adherence to the Information Security Standards by control owners
• Training and Awareness Programme
• Phishing Tests of staff, reporting and training
• Actionable Threat Intelligence including Domain Monitoring, Social Media and Deep and Dark Web monitoring
• Data Loss Prevention/Detection - monitoring staff’s use of email and web usage to detect any non-adherence of acceptable use
• Committee papers showing KPIs/KRIS and supporting documentation.
• Third Party Reviews of suppliers
• Managing annual risk assessment process and presenting results to senior management.
• Performing analysis and testing of controls within our internal environment.
• Managing the training and awareness program from employees globally including;
  - Evaluating the trends in Human Risk, using available technology to understand the areas that require staff to be trained in
  - Designing and releasing eLearning modules for all staff
  - Participating in Cyber Security awareness month and organising educational activities.
  - Writing global communications.

• Working with IT and the business to deliver key certifications and meeting ever changing regulations.
• Conducting timely Information Security assessments of third-party suppliers, recording results accurately and initiating appropriate responses.
• Participating in ad hoc projects to provide analysis on Information Security risks
• Manage the data incident process/es to investigate any potential breaches highlighted
• Organise Information Security Education and Awareness campaigns including phishing simulations and producing regular and ad-hoc group metrics
• Work with IT to optimise security controls and improve the firm's external cyber posture to reflect the continually changing threat environment
• Prepare and deliver Management Information relating to the Risk & Control programme

Key Requirements:

• Min. of 5 years of experience, with a combination of risk management, Information Security and IT roles
• Previous line management experience
• Knowledge, experience and understanding of ISO27000, NIST CSF and audit processes
• Excellent analytical skills, the ability to manage multiple projects under strict timelines
• Degree in business administration or a technology-related field, or equivalent work related experience
• Desirable Qualifications - ISACA CISA or CRISC
  

For a full consultation please email your CV to Arc IT Recruitment.