The Senior Information Security Analyst will work within the Information Security team providing security guidance and support to the business. This role will involve a mix of technical security design, operation, assurance and review in addition to maintenance of assurance processes, production of management information and administration of processes/procedures to demonstrate security controls are embedded across the business.

Key responsibilities include:

• Provide guidance regarding technical security best practice to the IT team and wider user community
• Review, challenge and contribute to technical designs to ensure that security is designed into new solutions
• Maintain a working knowledge of technical security requirements and best practice
• Review, maintain, improve and gain assurance over security solutions deployed within the Bank
• Review, assess and ensure appropriate remediation actions are in place for any vulnerabilities identified within the company – this will include contributing to and improving the vulnerability management approach
• Production of regular Security related reports for the CIO and wider company
• Contributes to policies, standards, and guidelines to ensure that security best practice is applied across the company
• Contributes to the development and maintenance of security awareness programmes
• Understand and assess security risks associated with key third party suppliers
• General security administration support within the IT Security Team
• Conduct regular reviews of security controls to ensure that they remain effective and fit for purpose

The Person:

• Excellent understanding of information security concepts and practices
• Background working within a technical role, with exposure to aspects of networking, operating systems, software packages and security tooling
• Experience of reviewing technical designs and solutions to identify security risks and opportunities for improvement
• Industry recognized qualifications such as CISM, CISSP or CCSP is desirable