Job ID 197117
Infused Solutions have partnered with a market leader who is looking for an IT security analyst to join them on a permanent basis, paying between £55,000 – £60,000. If you're looking to build a career with an organisation that has heavily invested in the latest tech, this is for you. This is a remote role; we can only accept UK-based candidates and are not able to offer sponsorship.
Key duties and responsibilities:
Working within the Security function of the Digital Delivery Business unit:
Supported by the Enterprise Security Lead, you will help develop a series of documented processes to both set and measure a series of standards for operational use across the business. The output from your work will form a strong part of the evidence pool for both internal and external security audits. This will entail reviewing/updating/creating Policies, Processes, Procedures and Standards as and when required.
Develop and maintain a series of metrics and associated reports that will be clear and relevant for each stakeholder group across the business. These reports will support senior management colleagues in their management of activities to achieve the overall information and cyber security goals, current posture, and maturity of the company.
Support the Enterprise Security Lead in developing and maintaining both a strategy and Security maturity model that can be benchmarked with similar organisations.
Designing/developing/implementing best practice security for cloud infrastructure and development pipelines.
Monitor security maturity across multiple cloud platforms, providing management reporting for cloud services security including recommendations for improvements.
Provide input and feedback on platform engineering and cloud services security policies and architecture.
Collaborate with architects, application developers, Site Reliability/Cloud Engineers and database administrators on security matters.
Support and lead on Security Testing engagements and assist with the governance of findings, remedial works, re-testing where appropriate and the risk management process.
Deputise for the Enterprise Security Lead where required.
Work closely with our primary outsource provider, including both onshore and offshore teams, assuring the operational security service they are contracted to provide.
Liaise with Information Governance, risk management colleagues, Onshore Security Lead and Offshore security operations centre to achieve enterprise security assurance objectives.
Accountable for a 'live' operational view of cloud infrastructure security compliance including any deviation from the desired state and mitigation.
Be the subject matter expert in software engineering security practices for Digital and Data teams across the business.
Design and develop security automation within 'Infrastructure as Code' platform designs that meet CIS standards
Maintain a view of the latest technologies and security best practices for multi-cloud infrastructures, proposing upgrades and changes to leadership teams, implementing agreed improvements and monitoring performance.
Skills, qualifications, and experience:
One or more of the following qualifications: CompTIA Security+, CISM, GIAC, CISSP, CISMP or SANS Certification.
ITIL V3/V4 Foundation and above.
Significant experience in a similar role; however, lesser experience will still be considered for the right candidate.
Ability to influence a community of engineers to appreciate the importance of security testing.
Good understanding of both the technical and operational aspects of IT systems and services.
A confident communicator, both verbal and written, comfortable engaging with internal customers at all levels, both technical and non-technical.
Working knowledge of securing AWS/Azure/GCP infrastructure, particularly AWS Trusted Advisor and CIS Amazon Web Services scoring.
Working knowledge of cloud engineering standards and practices.
Working knowledge/understanding of DevSecOps processes and associated best security practice.
Working knowledge/understanding of software engineering practices.
Working knowledge/understanding of the adherence to standards such as ISO 27001, CIS-20, NIST CSF, OWASP, MITRE ATT&CK, COBIT, GDPR etc.
Experience working with outsourced IT service providers.
Strong experience of Microsoft Office Products for analysis, presentation and reporting.
If this is of interest or if you require more info please get in touch with Ash Ali on for immediate interview slots
Job Title: IT security analyst
Job Type: Perm
Location: UK remote
Salary: £55,000 – £60,000