Information Security Assurance Analyst

James Joseph Associates
03 Jun 2024
17 Jun 2024
Employer Sector: Technology, IT & Telecoms
Contract Type: Full Time

Our client is an established and actively expanding Financial Services firm. An opportunity has arisen, initially on a 12–month fixed–term contract basis, for a talented Security Assurance Analyst to support their existing team.

THE ROLE: Information Security Assurance Analyst

The Security Assurance Analyst will participate in activities related to regulatory compliance, cyber security assessments of vendors/delegated authorities, IT audits/assurances, security awareness and training initiatives, and the management and reporting of IT risks. You will promote a culture of Information Security within daily operations of the department and the broader organization, ensuring the confidentiality, integrity, and availability of enterprise services. This position involves working closely with key stakeholders across the business, including Procurement, Delegated Authority, Compliance, Risk, Operations, and the broader Technology Services team.

KEY RESPONSIBILITIES: Information Security Assurance Analyst

  • Be part of a dedicated Information Security team, contributing to various security initiatives.
  • Conduct cyber security maturity assessments for third parties and provide feedback to key stakeholders.
  • Track and maintain records of all third–party cyber security assurance findings.
  • Facilitate cyber security discussions with third parties to support and enhance their security posture.
  • Perform compliance reviews for new software requests.
  • Offer guidance and assist business stakeholders with Information Security communications across the organization.
  • Collaborate with colleagues to support Information Security audit programs and maintain the IT Risk Register, adhering to corporate governance requirements.
  • Assist in developing information security metrics and reporting for all organizational levels.
  • Help create and implement the Security Awareness Training program for employees.
  • Work with the wider team on projects to ensure timely achievement of key objectives.
  • Perform duties promptly and accurately to ensure successful operational performance, reporting to the Security Assurance Manager as needed.
  • Stay updated on industry trends, emerging controls, and changes in legal and regulatory requirements, including FCA, Lloyds, PCI DSS, and GDPR.
  • Demonstrate and uphold the company values in all daily activities.
  • Carry out any other duties as reasonably required and directed.

SKILLS / EXPERIENCE REQUIRED: Information Security Assurance Analyst

  • Proven experience in Information Security or Security Assurance.
  • Skilled in conducting cyber maturity assessments and managing related findings.
  • Strong communication skills at various organizational levels.
  • Excellent influencing and relationship management abilities, with the capability to build and sustain Customer/Supplier relationships.
  • Experience in IT Audit and Recertifications, such as access control reviews, is advantageous.
  • Ability to generate management information for reporting purposes, according to a set schedule or upon request.
  • Meticulous attention to detail.
  • Proficient in handling multiple tasks and priorities, with flexibility to adapt to changing requirements, schedules, and priorities.
  • Self–motivated and capable of achieving goals independently as well as collaboratively.
  • Highly skilled in using Microsoft Office applications such as PowerPoint, Excel (including VLOOKUPs and macros), Word, and Visio.
  • Relevant certifications such as CompTIA Security+, CISMP, or CC are desirable.
  • Familiarity with ISO27001 is a plus.
  • Some knowledge of GDPR is desirable.