*** This role will involve working in London/1 day in Brighton and 3 days from home ***
The role of the Security Analyst will involve:
- Coordinate with third-party providers in order to deliver technical security control assessments in the areas of penetration testing, vulnerability scanning, application security testing and firewall assurance.
- This involves:
- Scoping of these tests
- Coordinating the timely execution of the testing schedule
- Reviewing, prioritising and coordinating remediation of findings and issues
- Conduct IT security control testing and evidence review (e.g. in the area of identity and assess management ) and provide associated improvement recommendations to help ensure controls outlined in policies and standards designed and operating effectively.
- Perform information security assessments to help ensure third party suppliers apply security controls in adherence with policies and standards.
- Monitor and prepare reporting for key risks and performance indicators of third-party service providers to help ensure that trends and risks are easily identified and escalated to management.
- Support the Security Supplier Governance Manager in overseeing the delivery of outsourced delivery services by the Tier 1 and Tier 2 security suppliers by monitoring and reporting compliance to Service Level Agreements (SLAs).
- Information Security and /or Information Technology industry certification (CISSP-ISSAP, CISA or equivalent) strongly preferred
- Member of Institute of Information Security Professionals (M.IISP) or have the qualification, skills and experience to become a member
- Prior work experience in information security is essential
- Hands-on experience in performing control-level technical cyber risk assessments
- Experience in managing third-party relationships is essential
Eames Consulting is acting as an Employment Agency in relation to this vacancy.