Information Security Analyst - Product Assurance
Join to apply for the Information Security Analyst - Product Assurance role at ACCA Careers.
Job Details
Job Title / Role: Information Security Analyst - Product Assurance
Reporting to: Information Security Manager - Sainsbury's
Division/Dept: Data Governance and Information Security (Corporate Services)
Location: Holborn, Coventry, Manchester (Flexible)
Role Overview
As an Information Security Analyst in the Data Governance and Information Security Team, you will work within the Product Assurance team to ensure our Engineering and Development communities build and maintain secure products throughout their lifecycle. You will review our security posture and lead improvements aligned with evolving threats and business objectives.
Key Responsibilities
* Work flexibly within Engineering Teams, maintaining governance and challenge.
* Ensure security is integrated by design, protecting data appropriately.
* Define and verify Security Non-Functional Requirements for projects.
* Coordinate with Testing teams for ethical hacking, code reviews, and scans.
* Provide assurance for IT products across their lifecycle.
* Communicate risks effectively to technical and non-technical stakeholders.
* Identify, assess, and manage risks related to Cloud and Data.
* Build strong relationships with stakeholders to drive security decisions.
* Engage with third-party partners supporting Sainsbury's.
Candidate Requirements
* Minimum 4 years of security experience ensuring secure system design and improvements.
* Knowledge of containerization (Docker, Kubernetes).
* Understanding of logging, monitoring, load balancers, API gateways.
* Familiarity with GitHub, Jenkins, Jira.
* Basic knowledge of OWASP Top 10, Mitre ATT&CK, NIST, PCI-DSS, Cyber Kill Chain.
* Understanding of PAM, EDR, AV, IPS, SIEM, WAF, DLP.
* Ability to verify solutions and provide controls/testing evidence.
* Awareness of current threat landscape and security risks.
* Strong analytical and reporting skills.
* Experience with serverless cloud tech like AWS Lambda and storage.
Preferred Qualifications
* Certifications such as Security+, Network+, Linux+, Cloud+, Data+; CSA CCSK/CCAK; AWS Security; Azure Security Engineer; (ISC)² CISSP/CCSP/SSCP; CISA/CISM/CRISC/CGEIT; MSc. in Cyber Security.
Benefits & Culture
Enjoy flexible working, colleague discounts, holiday allowance, bonus, pension, and various other benefits. We foster an inclusive environment supporting development, flexible hours, and work-life balance. Additional perks include health plans, season ticket loans, and generous parental leave.
Additional Details
Senior level: Mid-Senior
Employment type: Full-time
Industry: Accounting, IT
#J-18808-Ljbffr