Information Security - Projects
This job does not exist anymore.
Or fill in the form below to receive job alerts.
|Area||West Midlands, UK|
|Job Ref||ISA(P)- LD|
Information Security Analyst – Product Assurance
Monarch IT is looking for an Information Security Analyst to represent a market leading Retail Group. The opportunity will play a key role in the Product Assurance team. The team is responsible for end-to-end Information Security assurance of IT products across the Group during both project and BAU activity.
Currently the Information Security team has around 60 employees and following a recent acquisition they are now looking to further grow their Information Security team within a great company cultural environment and opportunities to further develop you skillset with training and development from some of the leading industry experts.
- Supporting on a number of projects under the supervision of Senior Analysts/ISM Product Assurance.
- Provide end to end engagement on a wide range of IT projects ensuring that security is built in, they deliver securely and client and employee data is protected.
- Attend Programme/Project meetings and represent Information Security, giving advice as required.
- Review architectural and design documents including Solution Outline Documents, Detailed Designs, Network Diagrams, Data Flow Diagrams etc.
- Define Security Non Functional Requirements for each project and ensure that they are fulfilled prior to going into service.
- Ensure the relevant technology standards are applied to specific projects.
- Produce resource estimates for Information Security engagement on projects and record your time on the current resource management tool.
- Manage external resources to ensure that penetration testing is carried out to a suitable standard on time and within budget.
- Scope and manage Penetration Testing including the production of a plan to remediate vulnerabilities identified during any tests in a timely manner.
- Liaise with the Information Security Testing Team to ensure that Code Reviews, Application Scanning and Infrastructure Scanning is conducted in support of In-House Development utilising Agile delivery methodologies.
- Degree or relevant industry experience (Info Sec, IT or technology projects)
- CISSP, CISM, CCSP, CEH or equivalent certified (desirable but not essential)
- Knowledge of Waterfall, Agile or Hybrid delivery methods
- Knowledge of ISO27001, Data Protection Act and PCI DSS.
- Knowledge and understanding of IT concepts and architectures including Cloud, BYOD, Mobile Device Management etc.
- Knowledge of the principles of Information Security in a Retail environment (desirable)
- Knowledge and skills to manage Penetration Testing processes and remediation.