Information Security Assurance Analyst at SGN
Portsmouth/Horley | £44.4k - £55.5k per annum (dependent on skills and qualifications)
Full Time | Hybrid
Competitive pension scheme – Enhanced maternity/paternity pay – Life assurance – HolidayPlus – Cycle2work Scheme & more
We deliver safety, warmth, and comfort to homes and businesses. Every role, whether in the office or on the front line, plays a key part in this mission.
Responsibilities
* Perform a threat modelling exercise of all projects and provide mitigating cyber security requirements to help ensure the secure delivery of compliant systems, applications and business processes
* Review both high- and low-level architecture definition documents for compliance against security policies, standards and regulatory requirements, and attend Technical Design Authority (TDA) and Architecture Review Board (ARB) meetings to provide security signoffs
* Manage a team of security assurance analysts/consultants, providing thought leadership across a number of assurance functions and helping to navigate senior management approvals, thereby allowing for smooth engagements with project delivery teams
* Perform cyber security risk assessments, compliance checks, audits and reviews to ensure that appropriate security controls are in place and highlight any deficiencies and gaps for management consideration
* Provide cyber security assurance by ensuring implemented solutions match the agreed and approved architecture definition documents, helping to facilitate penetration testing as per local Cyber policies, and providing security advice, in collaboration with Corporate Cyber Security, and support to management, BAU and projects to comply with both global and local requirements and obligations
* Maintain and communicate relevant local security procedures aligned with necessary Cyber Security rules, processes, procedures and standards
* Where required, propose solutions and coordinate delivery of mitigating actions to ensure risk levels are aligned with risk appetite
* Perform compliance checks to ensure Cyber Security controls are operating as designed
What You Will Need
* The individual should be educated to degree level in a relevant discipline
* Must hold one of CISM/CISSP/CCSP/TOGAF/CRISC/AWS Solution Architect or an equivalent certification, or be willing to undergo certification on the job
* Must have expertise in Cloud (IaaS, PaaS, SaaS), in particular AWS and Azure
* Must have proven expertise in three of the following security domain areas: Vulnerability Assessment and Management, Security Risk and Compliance, Cloud Security Architecture, Application Security, Security Operations Centre and Investigations, Incident Management and Security Engineering
* Must have 2-3 years’ cyber security experience
* Good understanding and practical experience of Cyber Security Frameworks and standards such as NCSC security principles, NIST Framework, ISO 27001, ISO 27005, IEC 62443 etc.
* Good understanding of Cyber Assurance Framework and experience working with Regulators and providing compliance updates for OT environments
Not sure you meet every requirement?
Research shows some people – particularly women and those from underrepresented backgrounds – may hesitate to apply unless they meet every criterion. At SGN, we value diverse backgrounds, experiences and perspectives. If this role interests you but you’re not sure you tick every box, we’d still love to hear from you. You might be just who we’re looking for – now or in the future.
About SGN
SGN is a leader in pioneering research and development toward a net‑zero energy system. Our cutting‑edge technologies and innovative thinking are driving change in the gas industry, all while keeping people safe and warm.
Diversity & Inclusion
If you require any accommodations or support during the application process, reach out to us. We're here to help ensure an inclusive and accessible experience for everyone.