Information Security Compliance Analyst
This job does not exist anymore.
Job Type: Permanent Full Time
Area: Coventry, United Kingdom
In a nutshell
Working within the Standards and Compliance team, you will assess company Business Partners to
assure that Administrative, Logical and Physical controls are in line with company Standards, external
Industry best practice Standards (e.g. ISO27001 and PCI DSS) and Regulations (GDPR). The role includes
Information Security compliance checks and reviews to ensure adherence to Policy, Standards,
Legislation and Regulation, and the performance of other administrative duties relating to Information Security management.
What I need to do
Support the Information Security Compliance process to ensure adherence to defined
Standards and Policy.
Support and maintain PCI compliance.
Coordination of the team’s work efforts.
Work with company 3rd Party partners to assure compliance with internal and Industry
Standards in order to protect company Information.
Co-ordinate Information Security risk assessments using the provided Information Security Risk
Investigate relationship owners, system owners, service provisions and unknown connections.
Have involvement with all Information Security functions including 3rd Party Assurance, PCI,
Projects, SOC and Security Testing to ensure Policies, Standards and Awareness initiatives
support their processes.
Support other Information Security related tasks as required.
Administer our supplier 3rd Party Assessment management application, triage email, write reports
and engage with Suppliers on the phone and in person (including on-site visits).
How I will succeed
Enjoy delivering a professional Information Security service to Colleagues.
Successful completion of allocated tasks.
Compliance with company Information Security Standards.
Development into an Information Security professional.
Continuous personal development.
Keeping up to date with latest industry knowledge and trends.
Excellent feedback from customers.
Talkback 360 degree feedback from colleagues.
What I need to know
Degree or relevant industry experience (Info Sec, IT or technology projects) - Essential
Professional Security qualification (Current CISSP or CISM preferred)
Knowledge of ISO27001.
Knowledge of Data Protection Act and PCI DSS.
Knowledge of General Data Protection Regulation (GDPR).
Knowledge of the principles of Information Security in a commercial environment.
Understanding of network architecture, protocols and principles.
Understanding of Security risk analysis techniques.
What I need to show
Supporting Information Security Compliance processes.
A demonstrable interest in Information Security.
Proactively takes responsibility, owns any issues arising and follows through to resolve them
(gets the required result), recognises how individual responsibility impacts team delivery and
inspires others to do the same.
Works collaboratively with a range of people to support the wider business agenda.
Ability to think pragmatically, methodically and logically and communicate well using spoken and
Resources available to me
Software licences, hardware, documentation and management tools of relevance to the role.
3rd party service providers (as appropriate).
Proactive Information Security team.
What decisions I can make
Risk analysis quantification.
Points of escalation.