Lead Information Security Analyst - Edinburgh, United Kingdom - Change Recruitment

Change Recruitment

Verified Company

Edinburgh, United Kingdom

3 weeks ago

Posted by:

Tom O´Connor

beBee Recruiter

Description

Lead Information Security Analyst - Edinburgh - up to £75K plus benefits (Hybrid working)
This is a new permanent position with a financial services company in the UK.

As a part of the existing security team, you will have experience in managing risk assessment programmes, identifying potential threats and building up a bigger picture for theentire company from these individual components.

This role requires you to develop awareness of the company's operational model, internal core systems, existing controls, processes and procedures to help understand and improve their security capabilities.

This will include analysing existing controls, identifying potential sources of harms, conducting tabletop exercises to test assumptions, and maintaining documentation.

This includes reviewing and working with their outsource partners and vendors that formtheir supply chain.

This is an opportunity to be part of a highly technical, supportive & collaborative team that will certainly advance your career.

You will also receive a highly competitive salary with excellent benefits and flexibility.

This role is extremely varied, day to day you will spend your time:

Working with teams to document security controls
Using that information to improve the company's understanding of their wider security capabilities
Embedding security thinking into how the company works
Working with auditors to demonstrate the company's understanding and controls
Working with other teams who perform oversight in related areas including Data Governance, Operational Resilience, and Risk
Conducting tabletop exercises to validate assumptions
Supporting the incident response team when there is a security concern
Developing continuous improvement plans for internal and external teams
Supporting teams as they deliver improvements

There is more importance on cultural contribution above technical ability, but really like you to have/be:

Experience gaining and maintaining certification such as CyberEssentials+ or ISO2700
Experience of threat modelling
Focused on delivering positive outcomes
Experience of creating and facilitating risk assessments
Experience of project management, documentation and reporting
The ability to work well with others and building relationships
The ability to work under pressure, good work ethic and high levels of motivation
A team player, approachable, helpful and willing to go the extra mile
Knowledge of using collaboration tools such as Jira, Wiki, M36
Experience supporting an incident response processes