Information Security Analyst - Technical
Role: Information Security Analyst – Technical
Salary: £42,000 - £55,500, per annum, plus excellent benefits
Location: Birchwood, Warrington
Hours: 35 per week
Are you looking for a role with a high level of autonomy, allowing you to be the subject matter expert in ICT Security with a technical bias?
There are a lot of great things happening at Your Housing Group making it a good time to join the business and get involved. We are currently implementing significant investment into Digital and Organisational transformation and our ICT Team is growing and evolving significantly.
This is a great time to join an organisation which aspires to be a model of good practice for legislation, regulation and InfoSec management and is committed to continuous improvement in this area, protecting both customers and our organisation in equal measure.
Due to this growth, we are expanding our Information Security & Governance capability and as a result, we have an exciting opportunity for an experienced Information Security Analyst (Technical).
You will be involved in a range of ICT Information Security related activities including vulnerability management, risk and threat assessment, the maintenance and continued development of information security operations and incident response. The role provides the opportunity to be involved in a range of Security work streams with focus on risk management and control assurance.
You will take the lead and provide technical expertise and support for a range of security related activities, engaging with ICT and Business stakeholders in business as usual, change management and new project design and delivery, supporting plans to develop and improve Information Security and compliance to all ISO and other standards and regulations at YHG.
If you have a majority of the following experience, we would like to hear from you:
- Identify, assess, report and mitigate technical security related risks, threats and vulnerabilities within business processes, projects, systems and third-party data supply chain;
- Ensure all application components are fully supportable and secure, including privilege and standard user access control management;
- Work with stakeholders to support the development of secure, compliant IT/ business solutions including design, deployment and operation of cloud and on-premise infrastructure/services;
- Work with ICT/business stakeholders to develop cloud security best practices, (PaaS, SaaS, IaaS)
- Provide ICT and business stakeholders with technical security and risk assessment support
- Administration of security-based technologies, both cloud and on-premise inc. access controls, content filters, DLP, mail gateways, MFA and MDM;
- Support the implementation of compliant and consistent encryption technologies across the YHG infrastructure;
- Establish effective relationships with senior business stakeholders and provide subject matter expertise on business and technical projects which could introduce infosec/data privacy risk;
- Work as security lead on multiple security improvement work streams/projects simultaneously, identifying improvement areas, developing project plans and driving these projects execution
- Provide risk assessments across ICT projects and advise on appropriate measures & controls.
- Work with DevOps teams on the design & development of secure business application/solutions
- Participate at key management and governance bodies including ICT CAB, ICT Risk Management Committee and the Technical Design Authority;
- Provide security guidance in all stages of ICT project and change delivery, including performance of risk and impact analysis on proposed changes and projects to the security infrastructure;
- Manage Infosec risks with third party Data Processors and strategic ICT partners, to ensure emerging threats or changes to control frameworks are understood and incorporated;
- Manage third party supplier security reviews (new and existing suppliers) to ensure effective management of their data supply chain security risks (risk, contract and privacy assessments)
- Work with third party suppliers to ensure compliance with YHG’s security process and standards;
- Support regular major incident and disaster recovery rehearsals;
- Develop and implement business continuity and disaster recovery plans to ensure continuous service when a change programme is introduced, or security breach occurs
- Plan, develop and implement Information Security Training & Awareness initiatives
- Help to develop and maintain Technical Security Standards
- Build positive relationships with developers, infrastructure, applications and governance team
In return we offer a competitive salary of £42,000 - £55,500, Plus a great benefits package including – Flexible working, 25 days holiday (22 contractual and 3 non-contractual for Christmas shutdown), plus all bank holidays, (plus an option to buy further holidays), pension (matched up to 8%), Life insurance, medical benefits scheme, subsidised gym memberships and discounted shopping vouchers /Half price cinema tickets.YHG1
Your Housing Group