Durham Professional Services has an opportunity for an Information Security Analyst to work with our client on a permanent basis in Glasgow. This is a hands-on role working with our client to ensure that the information security policies and standards are upheld.
You will already have experience of working in an information security team and have an excellent understanding and experience of working with information security policies and standards to ensure compliance.
Key Responsibilities:
- Engaging with internal projects to make sure that information security requirements are met during every step of the process.
- Liaise with third parties and provide the assurance required for a business tender or information security audit.
- Conducting due diligence steps against third parties who are entrusted to handle client information.
- Carry out compliance reporting on external frameworks such as DPA, GDPR and PCIDSS.
- Create and carry out an audit process for third parties so that risks are identified and managed.
- Work closely with the Information Security Operations Analyst to identify risks.
- Manage the information security risk register.
- Advise on information security risks and make sure that they are clearly articulated and understood.
- Identify and escalate any risks, issues, threats and vulnerabilities to the Information Security Officer.
- Establishing relationships with internal and external stakeholders
Essential skills
- Proven experience of working in an information security team.
- Knowledge of information security frameworks, including PCIDSS, data protection, GDPR, ISO27k series.
- Thorough understanding of the risk management process.
- Broad and in-depth understanding of information technology stacks including networks, server, client, mobile and security technologies.
- Third party assurance and due diligence experience.
- Information security project engagement experience.
- Strong communication skills, situational analysis and decision-making abilities.
- The ability to manage your workload according to business and operational demands.
- Qualifications within IT security such as CISSP, CEH, CISM are highly desirable but not essential.
As well as a great environment and competitive salary, our client also offers excellent additional benefits such as
• Flexi-time
• Remote working
• Training and conference fund
• Casual dress
• Private medical insurance
• Contributory pension scheme
“We are committed to equality of opportunity for all staff and applications from individuals are encouraged regardless of age, disability, sex, gender reassignment, sexual orientation, pregnancy and maternity, race, religion or belief and marriage and civil partnerships."