Information Security Analyst Team Leader

Salary: up to £40,000

Salary type: Dependent upon experience

Location: Homer Road, Solihull

Business area: IT

Date posted: 2017-03-10

Brief description

Do you have at least four years’ experience working in information security or IT risk? We’re looking for someone with an understanding and knowledge of regulatory compliance requirements and previous people management experience, to lead our team of security analysts.

Purpose of the role

Provide leadership to a team of security analysts devising and implementing an IT Controls testing framework to ensure compliance with Information Security policies and practices in line with ISO27001, and other security frameworks.

Duties & responsibilities

  • Develop, obtain approval and maintain an annual compliance test schedule for IT Controls
  • Undertake compliance testing of IT Controls in accordance with the annual test schedule, following control testing guidelines advised by the Group Risk and Compliance division
  • Produce a compliance test report for tests undertaken and manage the findings through the Corrective Actions Register
  • Identify and escalate Information Security risks, incidents or issues
  • Provide support and assistance with both internal and external audits relating to information security
  • Manage the PCI DSS SAQ (Payment Card Industry - Data Security Standard - Self-Assessment Questionnaire) process ensuring that the questionnaire is completed by its annual deadline
  • Assist the ISMS (Information Security Management System) Manager in the development and maintenance of a suitable information security training and awareness programme and materials, and in providing evidence of competencies
  • Assist and support the third party due diligence and security evaluation processes
  • Assist in the completion of the FCA Complex IT Control form and collation of supporting documentation as required by the Director for GITRM (Group IT Risk Management)


  • Knowledge and understanding of ISO27001/02 standard, along with knowledge of the Data Protection Act
  • Knowledge and understanding of IT Service Management practices
  • Knowledge and understanding of the System Development Life Cycle for waterfall and agile methodologies
  • Ability to understand the balance between business requirements, priorities, ICT service delivery and information security
  • Knowledge of regulatory compliance requirements in information security

Qualifications and experience

You must have at least four years’ experience working in information security and / or IT Risk, and a relevant qualification in either of these areas would be beneficial. You must also have experience of managing others.

The ideal candidate will also have experience of PCI DSS (Payment Card Industry – Data Security Standard) and in conducting controls testing / audits. Previous experience of working within Financial Services would be advantageous.

Working hours

37.5 hours per week, Monday to Friday, 8.30am to 5.00pm (one hour for lunch).


Relevant training will be provided.
