Job: Information Security Assurance Team Lead

Job Title: Information Security Assurance Team Lead
Contract Type: Permanent
Location: London
Salary: Competitive Salary
Start Date: 2018-06-23
REF: 23/07/2018
Job Published: 14 days ago

Job Description

25-day holiday allowance

Pension scheme

Private health care

We are recruiting for an Information Security Assurance Team Lead to join a big branded client, based in London.

Would you like to work for a market-leading company and become part of a world-class digital and technology function? You will be working on a diverse range of projects that delight customers and create value. It's inspiring work in a fascinating business. One that's moving faster than most.

What do you need to do?
  • Lead a team of Security Analysts engaged in delivering End to End Project Assurance i.e.:
  • Manage internal security assurance for internally developed applications within a DevOps environment
  • Scope penetration testing for both internal and external facing applications with external testing providers
  • Customer and Colleague feedback
  • Recognised as an Information Security SME
  • Continuous personal development
  • Fulfilling personal objectives
What do you need to know?
  • CISSP or CISM essential; CRISC, CCSP, CEH or equivalent desirable
  • Computer Science degree and/or MSc in Information Security desirable but not essential
  • Working knowledge of different delivery methodologies including Waterfall, Agile and Hybrid
  • Knowledge and skills to manage Penetration Testing processes and remediation
  • Has a broad knowledge and understanding of IT concepts and architectures including Cloud, BYOD, Mobile Device Management etc.
  • Proactively takes responsibility, owns any issues arising and follows through to resolve them, recognising how individual responsibility impacts team delivery and inspires others to do the same
  • Knowledge of OWASP vulnerabilities, tools and methodologies
  • Demonstrates extensive knowledge of good security practice covering the physical and logical aspects of information products, systems integrity and confidentiality
  • Expert in methods and techniques for risk management, business impact analysis, countermeasures and contingency arrangements relating to the serious disruption of IT services
  • Expert in tools or systems that provide access security control (i.e. prevent unauthorised system access)
  • Strong current knowledge of PCI, DPA and ISO27001

How will you succeed?
  • Projects/programmes are delivered securely
  • Projects are compliant with the relevant standards and regulations
  • Vulnerabilities are remediated and any residual risk is managed appropriately
  • Has expert awareness of problem-solving procedures used for business-critical IT incidents, and a good awareness of their implications for a retail business
  • Strong process management and control skills, with experience in developing policies and processes