Connecting...

W1siziisimnvbxbpbgvkx3rozw1lx2fzc2v0cy9vbgl2zxitamftzxmvanbnl29mzmljzs1izy1pbwfnzs5qcgcixv0
W1siziisimnvbxbpbgvkx3rozw1lx2fzc2v0cy9vbgl2zxitamftzxmvanbnl29mzmljzs1izy1pbwfnzs5qcgcixv0

Cyber Security Operations Analyst

Location: London, England
Salary: £60000 - £80000 per annum
Posted: 11 days ago
Contract Type: Permanent
Industry: Information & Cyber Security
Contact Name: Vinny Hughes
Contact Email: Vinny.Hughes@ojassociates.com

Vinny Hughes

Associate Director, UK

See more of Vinny Hughes's jobs

Cyber Security Operations Analyst

The Cyber Security Analyst will be a key part of the InfoSec and Risk functions working in conjunctions with the Business Information Security Officer and the Head of Technology in response to security events and establishing policies and best practices. Assist with the management and maintenance of ISMSs across regions (currently UK, Australia and Asia), including certification against ISO 27001 and region specific certifications where applicable.

Duties

Develop and maintain information security policies, processes and procedures to support ISMS implementation and improvement across the organisation

Coordinate and participate in risk and security assessments to identify information security risks, threats and vulnerabilities and provide recommendations for and implement where appropriate, remediating controls/processes.

Ensure that core ISMS documentation is accurate and updated in a timely manner including the Risk Register, Information Asset Register, Statement of Applicability and Incidents and Actions Register

Ensure all Security events are properly documented/ tracked to meet audit and risk requirements

Conduct compliance audits across a range of information security controls that support the certification requirements of ISO 27001 and other security certifications as required

Facilitate the implementation of security controls in a coordinated manner based on enterprise control mappings.

Compile information security measurements and metrics supporting enterprise reporting

Own and manage the investigation of security incidents as required in coordination with the Incident Response Team.

Oversee security calendar tasks and ensure they are performed on schedule

Advise and work with Risk and Control management regarding security policies and processes

Provide recommendations on vulnerability scanning or penetration test remediation and risk mitigations

Respond to customer RFPs and Due Diligences relating to security requirements as required

Qualifications and Experience:

  • 5+ years of experience in information security, audit and risk management
  • At least one of the following certifications: CISSP, CISM or CISA. PCI ISA and/or GIAC/GSEC certifications are also a plus
  • Proven knowledge and understanding of risk management and audit methodologies, and tools that support audit and risk management processes. COBIT5 a plus
  • Proven experience Support ISMS / ISO 27001
  • Experience working in software development or SaaS will be highly regarded
  • Ability to work effectively in a multi-location team environment and across all organizational levels, where flexibility, collaboration and adaptability are important
  • Ability to function and perform independently with minimal supervision
  • Passion for cybersecurity and an awareness of the current threat landscape
  • Ability to communicate effectively, in both written and verbal format

Similar Jobs