Information Security Analyst - Finance - £45,000-£65,000
Technical Skills: SIEM, Firewall, CISSP, Audit & Networks
I am currently recruiting for an Information Security Analyst position at a financial client based in London.
Company: The global corporation operates internationally across market infrastructure and capital markets. There is a focus on Bonds, Derivatives and International Equity, whilst excelling across their Trading Platforms and Market Software for customers.
Essential Duties and Responsibilities
- Proactively promote the enhancement of cyber security through the identification of risk themes
- Help define the Group's information security program, policy, and standards. As assigned, guide operational areas across the Group on procedures, guidelines, and instructions to support the Group's policy and standards
- Evaluate security alerts generated by internal systems (e.g., SIEM, DLP, firewalls, etc.), vendors, and other industry sources.
- Collaborate on critical IT projects to ensure that security issues are addressed throughout the project life cycle.
- Work with vendors and service providers to provide documentation for regulation compliance.
- Assist in the collection of system information and procedures required by internal and external audits and examinations
- Independently assess, verify and observe operational performance from a broad oversight perspective for information security and matters of cyber risk across the Group, and carry out any special investigative requirements.
- Work with business stakeholders to establish plans for sustainable resolution.
- Determine potential impact of detected gaps and translate that into risk within the established framework.
- Assist in the security incident response management process at the Group
- Independently prepare reports for CISO and senior management on information security, information protection, and information risk matters.
- Perform special tasks as assigned by the CISO or manager within Information Risk Management.
Knowledge, Skills, and Abilities Required
- Working knowledge of security domains, auditing standards and frameworks, and risk analysis frameworks including ISO 27001, NIST Cyber Security Framework, etc.
- Knowledge of UK, EU and international regulatory requirements (GDPR, etc.).
- A broad and diverse security skill-set with advanced understanding of both technical and non-technical controls
- A minimum base knowledge of networking components and various operating systems and cloud environments.
- Minimum of three years of experience in network and/or security administration is preferred.
- CISSP (or other relevant certification) or equivalent education, training, and experience.
- Ability to plan and implement ongoing testing and monitoring programs and knowledge of IT operational infrastructure.
- Knowledge of operational risk assessment methodology & mitigation development
If you feel this role is of interest to yourself or matches some of the skill set you have developed over your career, please do not hesitate to get in touch with myself on 0203 189 4350 or email me. Alternatively, if you are interested in other opportunities please do give me a call to see if there is anything we can do here at Twenty.