Senior Information Security Analyst - Rotherham, South Yorkshire, United Kingdom - Pearson

Description

Job Description

About the Job

The Senior Security Analyst is responsible for supporting the Business Information Security Manager in delivering the Pearson UK Assessment & Qualification's divisional information security program. The role requires frequent interaction with business and technology partners and covers a broad range of platforms and technologies. The responsibilities include:

• Working with cross-functional project teams to ensure secure delivery of the change program across the complete project lifecycle and authorizing security sign-off.
• Providing input into divisional security strategy and roadmap planning.
• Supporting the secure development process (SDLC) working closely with Development teams.
• Keeping informed of new and emerging security threats & assess effectiveness of current controls to identify opportunities for program improvement.
• Assessing compliance with security policies to identify control gaps, develop remediation plans and determine residual risk.
• Supporting the incident management process and central security operations team as a domain expert.
• Identifying, collating, and managing risks. Ensuring that actions and risks are managed.
• Provide consultancy and guidance to business partners on all matters relating to Security.
• Provide security input into bids, contract renewals and new business initiatives.
• Develop and deliver information security awareness programs within the division.
• Provide guidance and leadership to junior team members.

Essential Skills & Experience

• Prior experience in Information Security in a similar customer or business facing role.
• Current security certifications such as CISSP, CISA, CRISC, SABSA, GIAC, CCSP, CCSK or equivalent.
• Excellent technical knowledge of cloud and on-premises services and infrastructure, including network, perimeter, application and end points.
• A solid understanding of the cyber security risks associated with various technologies and how to apply appropriate controls to mitigate these.
• Strong knowledge of IT and cyber security principles and experience with specific assurance frameworks such as ISO27001.
• Experience in risk assessment and management in the context of information security.
• Ability to work under pressure and to tight deadlines and manage own time effectively.
• Excellent oral, written communication and presentation skills.
• Confident at communicating to business and technology partners and senior management.
• Ability to solve problems using initiative and a methodical approach to tasks.
• Adaptable and flexible approach and able to prioritise workloads.
• Ability to collate and analyse information from various sources.

Desirable Skills & Experience

• Previous experience relevant to Security Architecture.
• Technical (non-cyber) experience or qualifications.