- Remote/Hybrid opportunity
- NVVP and SC clearance required
About Our Client
Public Sector and Government organisation based in Gloucestershire.
The Security Analyst:
- Conduct/Manages security risk and vulnerability assessments for defined business applications or IT installations in defined areas, and provides advice and guidance on the application and operation of elementary physical, procedural and technical security controls (e.g. the key controls defined in ISO27001).
- Manage security incidents assigned within the agreed response and resolution timescales.
- Manage security requests/assessments via the ICT Security Working Group and project teams via commissioning process.
- Be point of Escalation of major incidents and any risks impacting our services/data to the ICT Technical Infrastructure Manager and Force Information Security Officer.
- Have a strong technical security understanding in order to support the department and business, liaising with both internal teams and 3rd party suppliers.
The Successful Applicant
The Security Analyst skills: The selection, design, justification, implementation and operation of controls and management strategies to maintain the security, confidentiality, integrity, availability, accountability and relevant compliance of information systems with legislation, regulation and relevant standards.
- Conducts security control reviews across a full range of control types and techniques, for business applications and computer installations. Seeks guidance from more experienced or specialised practitioners as required. Recommends appropriate action to management.
- Identifies threats to the confidentiality, integrity, availability, accountability and relevant compliance of information systems. Conducts risk, vulnerability and business impact assessments of business applications and computer installations and recommends appropriate action to management.
- Investigates major breaches of security and recommends appropriate control improvements. Conducts investigation, analysis and review following breaches, and manages the investigation and resolution of security incidents, in accordance with established procedures including incident management procedures. Prepares recommendations for appropriate control improvements, involving other professionals as required.
- Contributes to development of information security policy, standards and guidelines.
- Provides authoritative advice and guidance on security strategies to manage identified risks and ensure adoption, and adherence to standards. This includes advice on the application and operation of all types of security controls, including legislative or regulatory requirements such as data protection / GDPR and software copyright law.
- Plans and leads the work of small teams of security staff, and acts as project manager on complex IT security specialism projects.
- Delivers and contributes to the design and development of specialist IT security education and training to IT and system user management and staff.
- Manages the operation of appropriate security controls as a production service to business system users.
- Designs the security components of systems architectures.
What's on Offer
Salary up to £52,500
£4,000 on call allowance
Great all round benefits package, fantastic Pension scheme
Remote working but may be required to travel to Gloucestershire on occasion.
Ongoing training and progression