The Senior Information Security Analyst will work within the Information Security team providing security guidance and support to the business. This role will involve a mix of technical security design, operation, assurance and review in addition to maintenance of assurance processes, production of management information and administration of processes/procedures to demonstrate security controls are embedded across the business.

Key responsibilities include:

Provide guidance regarding technical security best practice to the IT team and wider user community
Review, challenge and contribute to technical designs to ensure that security is designed into new solutions
Maintain a working knowledge of technical security requirements and best practice
Review, maintain, improve and gain assurance over security solutions deployed within the Bank
Review, assess and ensure appropriate remediation actions are in place for any vulnerabilities identified within the company – this will include contributing to and improving the vulnerability management approach
Production of regular Security related reports for the CIO and wider company
Contributes to policies, standards, and guidelines to ensure that security best practice is applied across the company
Contributes to the development and maintenance of security awareness programmes
Understand and assess security risks associated with key third party suppliers
General security administration support within the IT Security Team
Conduct regular reviews of security controls to ensure that they remain effective and fit for purpose

The Person:

Excellent understanding of information security concepts and practices
Background working within a technical role, with exposure to aspects of networking, operating systems, software packages and security tooling
Experience of reviewing technical designs and solutions to identify security risks and opportunities for improvement
Industry recognized qualifications such as CISM, CISSP or CCSP is desirable