Information Security Analyst
Our client is a leading organisation in the Media sector; they specialise in media play-out and provide access to
broadcast content across all media, from television to mobile phones.
They require an Information Security Analyst to join the team. You will be reporting to the Head of Information Security.
THE ROLE - MAIN RESPONSIBILIITES
Primary responsibilities include audit compliance against Information Security Policies and Standards; also assuring
adherence to client security requirements. Ensuring projects are deployed with the appropriate security controls to
protect the confidentiality, integrity and availability of data and that of its clients. The role holder is expected to have
knowledge and experience of both information security principles and compliance auditing and will apply this expertise
to support the security compliance of the business as a whole.
Conduct audits of internal business units to ensure compliance to both group standard and client security requirements.
Conduct security assessments of current and potential suppliers.
Conduct security risk/threat assessments of new projects to reduce risk to an acceptable level.
Maintain a risk register for each developed project.
Make security recommendations as part of a continuous improvement programme to assure the confidentiality,
integrity and availability of data and that of its clients.
Proactively identify and assess potential likelihood and impact of risk to our client.
Analyse security incidents, real and potential, initiate and monitor effective incident resolution.
Maintain up-to-date knowledge of information security threats, technologies and best practices.
Investigate and recommend methods for vulnerability remediation.
Use penetration testing and vulnerability assessment tools, or coordinating the use of these tools by third parties or
internal teams; oversee external penetration testing exercises.
Promote security awareness and best practices throughout the business.
Assist with Change Request approvals ensuring proposed changes meet information security policies and standards.
EXPERIENCE AND KNOWLEDGE
At least 5 years in an information security compliance or analyst role.
A recognised and valid industry certification/accreditation in information security such as CISSP.
Knowledge of best practice security frameworks (for example, ISO27001, OWASP, etc.), information security controls,
methods and techniques.
Experience in performing information security assessments and security reviews.
Proven experience with vulnerability assessment tools such as Tenable Network Security Nessus.
Self-motivated with the willingness and ability to work effectively under pressure, either alone or as part of a team.
Technology and product expertise in firewalls, intrusion detection/prevention systems, router ACLs and switch security
Knowledge of recent hardware, software and network architectures and how security policies can be implemented in
Working with and influencing key stakeholders to deliver successful information security outcomes.
Knowledge of ITIL best practices.
A good understanding of industry trends and the potential impact on producers, distributors and consumers of content.
For further information please contact firstname.lastname@example.org