In this role, the Security Analyst will:
- Coordinate with third-party providers in order to deliver technical security control assessments in the areas of penetration testing, vulnerability scanning, application security testing and firewall assurance.
  This involves:
  - Scoping of these tests
  - Coordinating the timely execution of the testing schedule
  - Reviewing, prioritising and coordinating remediation of findings and issues
- Conduct IT security control testing and evidence review (e.g. in the area of identity and access management) and provide associated improvement recommendations to help ensure that the controls outlined in policies and standards are designed and operating effectively.
- Perform information security assessments to help ensure third party suppliers apply security controls in adherence with policies and standards.
- Monitor and prepare reporting for key risks and performance indicators of third-party service providers to help ensure that trends and risks are easily identified and escalated to management.
- Support the Security Supplier Governance Manager in overseeing the delivery of outsourced delivery services by the Tier 1 and Tier 2 security suppliers by monitoring and reporting compliance to Service Level Agreements (SLAs).
- Information Security and/or Information Technology industry certification (CISSP-ISSAP, CISA or equivalent) strongly preferred
- Member of the Institute of Information Security Professionals (M.IISP), or holder of the qualification, skills and experience to become a member
- Prior work experience in information security is essential
- Hands-on experience in performing control-level technical cyber risk assessments
- Experience in managing third-party relationships is essential
If you are interested in this role, please apply below or contact me for more information.
Eames Consulting is acting as an Employment Agency in relation to this vacancy.