The Role As an IT Information Security Analyst, you will assist in ensuring the integrity and security of the Oasis Group’s IT infrastructure, identifying risks to the business and mitigations. You will be involved in creating and implementing policies and procedures to describe and improve the security controls in place while assisting the Group Compliance department to ensure the Oasis Group maintains all its security accreditations. You will have an active part in providing input into all audits from an IT perspective and complete Oasis Group’s client IT security audits. This role can be based from home, but travel will be required to sites in the UK, Ireland and Europe. Key Responsibilities Assisting in creating/reviewing and implementing IT related Information Security policies and procedures for the Oasis Group to achieve the best security accreditations. Provide training on information security throughout the business. Play an active part in managing/conducting information security risk assessments and maintain the IT risk register, ensuring risks are managed through to completion. Assist in managing the Web Application testing program, ensure that all vulnerabilities are managed and that appropriate actions are taken. Manage action plans and communicate with all third parties in relation to vulnerabilities. Ensure that internal and external vulnerability scanning of systems are conducted and action plans are created. Assist with ensuring that hardware patching takes place monthly as well as ensure that critical patches are applied in a timely manner. Have an active part in all ISO and client audits where an IT Information Security input is required. Take part in all IT responses to the client security questionnaires, ensure that all questions are answered appropriately and to ensure the integrity of the business. Assist with managing the organisations obligations pursuant to relevant laws, regulations and guidelines. Assist in the production of data protection impact assessments and performance monitor metrics. Work alongside the Compliance Team in matters relating to data protection. Actively monitor real-time alerts from security systems such as the internal SIEM solution. Actively keep abridge of the latest security trends and vulnerabilities that could affect OASIS systems. Proactively pushing for security best practice within the OASIS Group. Candidate Requirements: Experience in a similar security position. Experience of working with a SIEM solution. Able to proactively take on new complex tasks. The ability to work on their own and as part of a collaborative team. Experience with Microsoft based IT network infrastructure. An understanding of ISO based audits and the processes around them, ability to respond to client questionnaires from an IT perspective. Excellent written and verbal communication, experience of IT policy writing. Any experience of the NHS HSCN network and the IG Toolkit would be desirable. Any understanding of ITIL would be desirable. An understanding of GDPR is mandatory. The ability to communicate potentially complex setups to people of all levels within the business. A self-starter with the ability to improve the future of the Group’s IT security based on best practice and best-of-breed technologies, personal gravitas to influence the rest of the Group at all levels. The Company is required by law (Immigration Act 2016) to have proof of right to work in the UK, prior to commencement of employment. The Company is required to conduct a background screening check as set out by the British Standards Institution BS7858 prior to commencement of employment. OASIS is an equal opportunities employer. The Company confirm that our legitimate interests comply with GDPR and data protection. Agencies When we require external assistance with our vacancies, we will reach out to our PSL supply chain. Please be aware that we operate an extremely strict PSL policy with close relationships with our suppliers and cannot respond to agencies outside of the PSL. Please do not contact individual hiring managers.