Senior Cyber Security Analyst Permanent Based in Solihull (hybrid working 2/3 days in the office with the rest of the week at home) We would also consider candidates who could be based from our London office on Piccadilly with regular travel to our Solihull office. We are looking for a Senior Cyber Security Analyst to join our friendly and dynamic team here at Waterstones in Solihull. You will be a proactive person with a wide range of skills & knowledge in cyber security that can bring value and help not only manage but also continuously work towards reducing cyber risk. You should not only understand the principles of risk management & cyber security but how to practically apply them to a business environment. This role will cover a wide range of cyber security disciplines. What you will be doing Working with the Head of Cyber Security on delivering the cyber risk management strategy. Support the implementation & maintenance of cyber security policies, guidelines, standards and procedures. Maintaining PCI DSS certification for Waterstones brands. Cyber security requirements into solutions, projects and third-party supplier assessments. Provide security advice and guidance to a wider technical team. Conduct risk & vulnerability assessments and co-ordinate remediation activities. What we need from you Understanding and practical implementation of security frameworks (e.g. NIST, ISO 27001, CIS etc). Experience working with PCI DSS control requirements & QSA’s. Experience of creating (and maintaining) guidelines, standards & controls for cyber security. Log & data analysis, especially when relating to events & incidents. Experience of creating & working on cyber security KPI’s. Technical cyber security experience with knowledge & understanding how networks, operating systems, software (e.g. anti-malware) and so on work, with a focus on their cyber governance. Person Profile Certifications are desirable but not required; a demonstrated knowledge, understanding & practical application of cyber security counts! Minimum 6 years working in Information/Cyber Security roles. Practical understanding, knowledge & experience of cyber security controls. Practical understanding, knowledge & experience of multiple security products. High level of knowledge on network protocols & topology, Windows and Linux operating systems, Office 365 & Azure. A “can do” attitude, someone who when presented with challenging requirements can effectively manage risk through research, discovering appropriate solutions and seeking advice. A calm demeanour and focused but with a passion for cyber security & to implement it with the lowest risk and high effectiveness. A wide range of cyber security knowledge. Strong communication skills to be able to influence best practice at all levels of the organisation, with the ability to explain cyber security principles to non-technical business stakeholders at all levels. A business understanding and how to manage risk within it. Why work for Waterstones At Waterstones, everything we do is about our customers, and we work hard to provide them with the best possible shopping experience, one that will make them want to visit time and time again. We strive to consistently deliver fantastic customer service, whether recommending a book or a gift, keeping our shops beautifully stocked, helping out in our lovely Café W’s, or keeping the wheels turning efficiently behind the scenes. Working with us, you will get to use your expertise and enthusiasm to bring to our customers the irreplaceable pleasures of a good bookshop (including a virtual one). In return, you will be working in a role that can make a real difference to Waterstones, work in a friendly and dynamic team and get to benefit from our excellent discount in shops and waterstones.com. If you have the relevant essential experience and you are interested, we would love to hear from you.