You will be responsible for establishing and maintaining a vision, strategy, and program to ensure information assets, developed products and technologies are adequately protected.
The Information Security Analyst will work in identifying, developing, implementing, and maintaining processes across the business to reduce information and information technology risks. To be responsible and respond to incidents, establish appropriate standards and controls, manage security technologies, and direct the establishment and implementation of policies and procedures. The Information Security Analyst will also play a large part in ensuring information-related compliance where applicable such as GDPR. The Information Security Analyst influence reaches the entire business.
Main Duties and Responsibilities: Essential duties may include, but are not limited to, the following:
Adopt and implement information security policies and processes
Work with 3rd parties to ensure security policies are implemented and develop appropriate reporting and metrics
Take a risk based approach to the continual measurement and enhancement of the security landscape
Monitor Information Security controls and processes through actionable metrics
Work with the wider IT team to raise the level of Novosco’s information security awareness and compliance to security policies with practical initiatives
Assess, review and audit systems and controls in line with Policy & Standards
Champion an Information Security culture and embed its principles throughout the landscape
Install, configure and deploy Security related products and toolsets
Respond to and deal with Information Security incidents
Please note that this job description is subject to ongoing review as new demands and best working practises are considered, agreed and implemented.
Experience and skills:
Experience (essential):
Understanding of Information Security principles
Excellent knowledge of security related legal and regulatory requirements
Excellent written and verbal communication skills
Web security experience
Ability to build strong internal and external stakeholder relationships
Able to explain information security concepts and risks in terms non-technical people will understand
Experience (desirable):
Previous experience in a similar role
Technical understanding of Networks and AD
Pen testing experience
Experience with a Security Incident and event management toolset
Experience of public cloud security, particularly AWS and Azure
Ability to install Security software and applications.
Interpersonal Skills:
Articulate and a clear communicator
Be a customer advocate
Have the ability to converse technical terms and definitions to non technical personnel
Meticulous with excellent attention to detail
Able to multitask and handle large amounts of complex information
Additional Information
Training: Internal training on products and services will be provided. However, staff are expected to consistently keep abreast of new developments, which would impact on their areas of responsibility. Personal training in relation to this job description will be given as part of the company’s overall personnel development program.
Conditions of Employment Salary: The salary and benefits for this position will be determined according to the experience of the person appointed.
General Guidance: The nominal working week is 37.5 hours, although a degree of flexibility is both offered and expected. In specific circumstances there may be a requirement to work additional hours. Annual holidays are 24 days plus 7 statutory holidays. Novosco Ltd operates a Non Smoking Policy. Novosco Ltd is an Equal Opportunities Employer.
This job comes with several perks and benefits
Get your caffeine fix to get you started and keep you going.
Kids are the future, go spend time with them.
We take care of you, even when you are old and wrinkly.
Social gatherings and games; hang out with your colleagues.
Time is precious. Make it count. Morning person or night owl, this job is for you.
Easy access and treehugger friendly workplace.