Our client is seeking an Information Security Analyst to join their cyber security function, with a strong focus on vulnerability management, assurance and compliance.
Reporting into the Head of Information Security, this role plays a key part in identifying, assessing and reducing cyber risk across the organisation, working closely with internal technology teams, managed service providers and third-party security partners.
Key Responsibilities
* Manage vulnerability management and remediation activities across applications and infrastructure
* Coordinate penetration testing, remediation and assurance activities with third parties
* Support ongoing PCI DSS compliance, including assessments, evidence and control testing
* Configure and operate security tools, including vulnerability scanners and endpoint protection
* Monitor and respond to security incidents, escalating to SOC teams where required
* Conduct security risk assessments, audits and contribute to risk management frameworks
* Implement security policies, procedures and develop operational playbooks
* Act as a key security point of contact for internal teams, MSPs and security partners
Experience:
* Proven experience in Information Security, Vulnerability Management or Security Operations
* Strong understanding of vulnerability assessment, patch management and remediation processes
* Knowledge of secure web application principles (OWASP Top 10, SANS 25)
* Experience with application and infrastructure security, including:
Firewalls, Web & Email Security, AD / Group Policy, MFA, DMARC, DKIM, SPF
* Good understanding of network and cloud security concepts (DMZ, TCP/IP, Cloud platforms)
* Solid awareness of current cyber threats, risks and mitigation techniques
Desirable:
* Experience supporting PCI or other regulatory compliance frameworks
* Exposure to managing penetration testing programmes end-to-end
* Ethical hacking or information security certifications (e.g. CISSP, CCSP, Microsoft Security)
* Experience with Microsoft Azure, Office 365, Endpoint or Cloud Security tooling
Please apply now if you are meeting the above criteria or contact Andrew Harrison directly.