This advertiser has chosen not to accept applicants from your region.
Full Job Description
Who we are looking for
An Information Security Analyst, who will work within our vulnerability management team, focusing on the technical side to ensure IT systems are operated securely.
The Information Security department monitors our live operations, creating and responding to alerts and anomalies identified through automated tools or manual analysis.
The vulnerability management (VM) function covers two main areas: owning the processes and schedules related to vulnerability scanning of all endpoints in the business, and assessing the risks and impacts of vulnerabilities.
You will review results, own the scheduling and planning of third-party vulnerability and penetration testing, and collate reports.
Liaising with parts of the business, you will understand the risk profile and advise on options to resolve issues.
You will work closely with governance and compliance colleagues to ensure regulatory requirements are met.
This role is eligible for inclusion in the company’s hybrid working policy.
Preferred skills and experience
* Good understanding of principles, practices, and technologies of information and cybersecurity.
* Hands-on experience with vulnerability scanning, result evaluation, and risk articulation.
* Experience in security-related technical investigations.
* Knowledge of industry-standard information security practices.
* Awareness of developments in security technologies and their applications.
* Knowledge of PCI DSS at the current version.
* Excellent communication and documentation skills, with high attention to detail.
* Strong organizational skills and ability to meet deadlines.
* Pragmatic approach to governance and risk management.
* Flexible, proactive attitude towards work.
Main Responsibilities
* Conduct vulnerability scans using leading tools.
* Schedule scans across the business, ensuring reporting and minimal operational impact.
* Articulate business risks to technical and non-technical colleagues.
* Coordinate internal and external resources to meet targets.
* Ensure security considerations are integrated into project lifecycles.
* Liaise with the business to maintain compliance with security requirements.
* Act as an escalation point when necessary.
* Create technical documentation.
* Stay updated on emerging threats and escalate concerns.
* Participate in audits as needed.
By applying, you agree to share your personal data in accordance with our Recruitment Privacy Policy, available at [link].
#J-18808-Ljbffr