Monarch Recruitment Limited

Senior Information Security Analyst

Senior Information Security Analyst 

Location: Coventry
Salary: Competitive

Monarch IT is on the lookout for Information Security Analysts for a well-established retail store.

Continuously growing, the company has a number of different revenue streams.  

Currently the Information Security team has around 60 employees, however the continuous expansion means that the team is continuously growing and is constantly on the lookout for new talent.  

With fantastic company culture, the company takes pride in its employees and offers a top of the market training.

As a Senior Information Security Analyst you will be a part of the Information Security Product Assurance Team, which provides end to end assurance of IT products across the company. 

Responsibilities:

- Work with limited supervision, with the responsibility for Security input to a portfolio of Products.
- Provide end to end engagement on a range of IT projects making sure that the security is built in.
- Review architectural and design documents
- Define Security Non Functional Requirements for each project and ensure that they are fulfilled prior to going into service.
- Ensure the relevant technology standards are applied to specific projects.
- Produce resource estimates for Information Security engagement on projects and record your time on the current resource management tool.
- Scope and manage Penetration Testing including the production of a plan to remediate vulnerabilities identified during any tests in a timely manner.
- Liaise with the Information Security Testing Team to ensure that Code Reviews, Application Scanning and Infrastructure Scanning is conducted in support of In-House Development utilising Agile delivery methodologies.
- Provide end to end assurance of IT products across the Group, during business as usual throughout a product’s lifespan, protecting client and employee data and ensuring compliance with Information Security policies and standards.
- Responsible for ensuring that any vulnerabilities identified are processed in accordance with the latest Information Security Risk Management process.
- Carry out PCI impact assessments on projects
- Mentor junior/less experienced Analysts.

What I need to know

- CISSP or CISM essential
- Working knowledge of different delivery methodologies (Waterfall, Agile or Hybrid)
- Strong risk management knowledge and experience.
- Knowledge and skills to manage Penetration Testing processes
- Understanding of IT concepts and architectures including Cloud, BYOD and Mobile Device Management
- Knowledge of OWASP vulnerabilities, tools and methodologies.
- Knowledge of HTTP, SSDLC and Security Testing.
- Strong knowledge of PCI and ISO27001.

 

For more information contact Paulina on 01212373358




Share Job