Senior Information Security Analyst

Our client is looking for an Information Security Analyst to join their Information Security team which is growing! This business is at the heart of the automotive industry with an epic culture and team, giving you an awesome opportunity to grow and be part of something different and special.

They are looking for someone who can:

• Monitor and manage compliance programmes aligned to security frameworks and regulations such as ISO 27001, PCI DSS, and GDPR. Identify improvements and encourage efficiency's and automation in controls, evidence gathering, and processes.
• Support the definition and growth of the Security Control Framework, proactively designing, assessing, and maintaining effective security controls across various business functions.
• Provide expertise in risk management and the identification and assessment of security risks, ensuring they are appropriately reported through dashboards, reports, and workshops.
• Create, review, and maintain security policies, standards, and procedures, ensuring they are applied across relevant technology projects, systems, and services.
• Support in managing third–party supplier security/compliance assessments, build relationships with key suppliers, and outline steps for security improvements where appropriate.
• Coordinate internal and external security audits/reviews through delivery, evidence gathering, and reporting.
• Work with stakeholders to support the data governance and security strategy across data discovery, processing, storage, classification, retention, and disposal. Support the implementation and maintenance of security controls for the protection of data.
• Define and monitor security GRC related performance metrics, communicating and presenting updates to Senior stakeholders.

If you have the following then please apply:

• Experience in supporting Information Security GRC–focused programmes, including risk management activities
• Experience in vendor/third–party audit and compliance management
• Strong understanding of security compliance and regulatory requirements – ISO 27001, PCI DSS, GDPR
• Experience with Incident Response, Business Continuity/Disaster Recovery (BC/DR) planning and testing
• Experience in data governance & Data Loss Prevention (DLP) projects
• Knowledge of legal and regulatory frameworks relevant to Information Security, including planned future changes

If you are an experienced Information Security Analyst looking for a new opportunity to further develop your career, we would love to hear from you.