- Supports the ongoing alignment of information security strategy to business objectives
- Manages risk registers and audit findings, ensuring risks and findings are actively managed by their owners and that exception requests are subject to appropriate authority
- Delivers robust governance processes in the delivery of Halfords Technology capabilities
- Manages an effective information security risk management capability that assesses and manages risk to an acceptable level
- Delivers security processes that include self service capabilities and automation
- Implements an ongoing information security compliance programme
- Supports project and initiatives to ensure that security requirements are incorporated and addressed via a secure by design approach
- Reviews and approves changes as part of Halfords technology change management process.
- Provides a focal point within Halfords for information security expertise
- Supporting the implementation of the information security programme
- Managing and updating Halfords GRC tool to ensure effective operation of Halfords Security and Privacy processes
- Managing the Halfords Security and Privacy project/initiative engagement processes
- Driving information security policy development and annual review processes
- Ensuring that colleagues, contractors, and vendors are aware of and understand Halfords information security requirements and guidance. This may include delivery of training.
- Consolidating relevant audit actions and tracking remediation through to closure
- Acting as an information security subject matter specialist to the business
- Producing monthly metrics and management reports
- Maintaining the information security and technology risk register in the GRC tool
- Carrying out information security risk assessments for projects, key systems, and third parties
- Ensuring that risks/issues are identified and evaluated in line with Halfords risk methodology
- Ensuring risks are owned at the appropriate level, actively managed, and that exception requests are subject to appropriate authority
- Assisting with the development of the GRC tool and processes driving continual improvements in effectiveness and efficiency
- Supporting the information security incident response process as required
- Producing monthly metrics and management reports
- Carrying out compliance assessments including but not limited to: Halfords information security controlsIdentified external regulationsContractual obligations
- Acting as a point of contact for internal and external information security audits
- Tracking noncompliance and audit findings through to remediation and closure
- Contributing to third party due diligence questionnaires received by Halfords
- Maintaining a rolling 12-month compliance schedule
- Producing monthly metrics and management reports
- Coordinating Halfords annual PCI-DSS assessment
- Must have proven experience and knowledge of: Information security risk and compliance managementCyber/information security conceptsConducting information security risk assessmentsConducting and coordinating compliance assessmentsWriting information security policies and controls
- Should have experience and knowledge of Information security frameworks such as ISO 27001 and Cyber EssentialsPayment Card Industry Data Security Standard (PCI DSS)Governance Risk and Compliance toolsInformation Security Technical controlsEnterprise IT environmentsData Protection frameworks and requirements
- Key Skills Essential Excellent written and oral communication skillsAble to present risk in 'non-technical' business-friendly accessible languageAbility to effectively prioritise and execute tasks in a high-pressure environmentFast learner with a "can do" attitudeAbility to work independently and as part of a team Desirable Working towards one or more of the following qualifications Certified Information Systems Security Professional (CISSP)Certified Information Systems Auditor (CISA)Certified Information Systems Manager (CISM)Certified in Risk and Information Systems Control (CRISC)
-
Security Analyst
2 weeks ago
QinetiQ Great Malvern, United Kingdom Permanent / Ful-timeThe role · As a Security Analyst you'll have a role that is out of the ordinary. As a Security Analyst, you will be the first line of defence against a myriad of threats. You will be performing investigations in response to security alerts, identifying and responding to incidents ...
-
IT Security Analyst
3 weeks ago
IT Talent Solutions Ltd Ross-on-Wye, United KingdomSecurity Analyst needed on a remote basis for a very exciting international client of mine. They are looking to add a Security analyst to their SoC team to help evaluate threats and formulate responses, handle complex security incidents and drive improvementsto their EDR solution ...
-
Cyber Security Analyst
3 weeks ago
Picture More Birmingham, United KingdomA vital role within the security team providing expert up-to-date technical and business knowledge on Cyber and Information security. · Skills required: · - Firewall implementation and configuration and vendor technologies eg Cisco, CheckPoint. · - Identity and Access Management ...
-
Security Analyst
1 week ago
Phee Farrer Jones Birmingham, United Kingdom Full timeGraduate Security Analyst (Birmingham) · Education: 2:1 in STEM Subjects & A-Level Mathematics · Salary: Starting £30,000, rising to £32,000 after 4-6 months · Outline: · We have an incredible opportunity with one of the UK's leading Software-as-a-Service providers. Founded over ...
-
Risk Information Security Analyst
3 weeks ago
Careers In Group West Midlands (Region), United Kingdom**Summary**: · To ensure that the business runs in accordance with policies, standards, and risk appetite while supporting the development and operational management of risk. You will make sure that all risks, controls, events, and concerns are noted, evaluated, tracked,and given ...
-
Information Security Analyst
2 weeks ago
Locke and McCloud Birmingham, United KingdomRole: Information Security Analyst · Location: Birmingham · Salary: £45,000+ · Locke & McCloud are seeking an experienced Information Security Analyst to join a growing Information Security team at a legal services firm. · The successful individual will play an integral part in ...
-
Cyber Security Analyst
6 days ago
SF Recruitment Birmingham, United KingdomCyber Security AnalystLocation: Birmingham - Hybrid Salary: £40k - £50k DOE + great benefits We are exclusively partnered with an exciting organisation who are on the hunt for a Cyber Security Analyst to join their growing team. As a cyber security analyst, your aim is to support ...
-
Cyber Security Analyst
2 weeks ago
Sidetrade Birmingham, United KingdomCalling all tech enthusiasts Are you a problem-solving, curious, and strategic Cyber Security Analyst? Join us at Sidetrade, the leading global SaaS provider recognized by ) · About Sidetrade and its amazing R&D team · Sidetrade is a fast-growing international software company t ...
-
Information Security Analyst
1 week ago
Tarmac Solihull, United Kingdom PermanentAt Tarmac, · 'who you are' matters. We want to get to know you. If you share our values and are proud of a job well done, collaborative in working well with others and ambitious to make things better, then have a read of what we have on offer. We are currently looking for an am ...
-
Information Security Analyst
2 weeks ago
White Cap Birmingham, United Kingdom Full timeA position at White Cap isn't your ordinary job. You'll work in an exciting and diverse environment, meet interesting people, and have a variety of career opportunities. · The White Cap family is committed to Building Trust on Every Job. We do this by being deeply knowledgeable, ...
-
Security Operation Analyst
1 week ago
Jumar Birmingham, United KingdomSenior SOC Analyst (Shift Work) · Full-time on site (Birmingham) · 6 Month rolling contract · We at Jumar are looking for multiple SOC analysts at 2 different levels to join our Central Government client to work on Tier 2/Tier 3 Security Systems. · Knowledge of security systems ...
-
Cyber Security Analyst
1 week ago
SF Recruitment Birmingham, United Kingdom permanentCyber Security AnalystLocation: Birmingham - Hybrid Salary: £40k - £50k DOE + great benefits We are exclusively partnered with an exciting organisation who are on the hunt for a Cyber Security Analyst to join their growing team. As a cyber security analyst, your aim is to support ...
-
Information Security Analyst
2 weeks ago
Locke and McCloud birmingham, United KingdomJob DescriptionRole: Information Security Analyst · Location: Birmingham · Salary: £45,000+ · Locke & McCloud are seeking an experienced Information Security Analyst to join a growing Information Security team at a legal services firm. · The successful individual will play an i ...
-
Information Security Analyst
2 weeks ago
Locke and McCloud Birmingham, United KingdomRole: Information Security AnalystnLocation: BirminghamnSalary: £45,000+ · Locke & McCloud are seeking an experienced Information Security Analyst to join a growing Information Security team at a legal services firm. · The successful individual will play an integral part in imple ...
-
Information Security Analyst
2 weeks ago
Locke and McCloud Birmingham, United KingdomRole: Information Security Analyst · Location: Birmingham · Salary: £45,000+ · Locke & McCloud are seeking an experienced Information Security Analyst to join a growing Information Security team at a legal services firm. · The successful individual will play an integral pa ...
-
Security Operations Center Analyst
1 week ago
Jumar Birmingham, United KingdomSOC Analyst - Multiple Requirements: · SOC Team Leader (09:00 - 17:00, no shift work) · Senior SOC Analyst (Shift Work) · Full-time on site (Birmingham) · Outside IR35 · 6 Month rolling contract · Active SC Clearance - ESSENTIAL · We at Jumar are looking for multiple SOC analys ...
-
Security operations analyst
2 weeks ago
Hays Specialist Recruitment Limited Cheltenham, United KingdomOverviewAs a Security Operations analyst, you will play a critical role in ensuring the security and integrity of cloud-based systems. Your expertise will be essential in safeguarding digital assets, managing risks, and implementing robust security controls. If you're · passionat ...
-
Security and Fraud Analyst
2 days ago
Microsoft Cheltenham, United Kingdom Full timeOverview · Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, ...
-
Information Security Analyst
1 week ago
Tarmac Solihull, United KingdomAbout the role · At Tarmac, 'who you are' matters. We want to get to know you. If you share our values and are proud of a job well done, collaborative in working well with others and ambitious to make things better, then have a read of what we have on offer. · We are currently l ...
-
Information Security Governance Analyst
2 weeks ago
Mazars Birmingham, United Kingdom Full timeMazars is an engine for rapid and consistent career progression, offering individually designed career paths that help you pursue your interests, match your changing needs, and explore your true potential. We work with diverse, prestigious clients across a range of sectors and ge ...
Governance Risk Compliance and Information Security Analyst - Worcestershire, United Kingdom - Halfords
Description
Job Purpose
The primary role of the Governance Risk Compliance and Information Security Analyst is to support the Security Architect in protecting the Confidentiality, Integrity and Availability of the Group's information assets via the delivery of the Halfords Governance, Risk and Compliance framework, as well as by the operation of Halfords security processes and procedures.
You will deliver your work through Halfords Governance, Risk and Compliance framework and its security processes and procedures that:
Key Responsibilities
The job holder will be responsible for delivering the following capabilities;
Governance
Risk
Compliance
Key Skills/Experience