Base pay range Direct message the job poster from identifi Global Resources
Information Security Analyst - Hatfield - Hybrid - up to £60k + Excellent Bens About the company:
Global Technology powerhouse pioneering the future of transport & logistics through disruptive innovation and automation. They create world-class systems at the intersection of robotics and IoT, cloud platforms, big data, machine learning, software development, and beyond.
What you will be doing:
Support the InfoSec GRC team in all aspects of information security across the organization, including overall information security governance, compliance programs, third-party vendor risk management, education, and Vendor Risk Management tool administration.
Contribute to the creation and refreshment of information security documents, policies, processes and procedures.
Work with business stakeholders and project teams to understand, scope and define security requirements.
Assist in developing control testing strategies, to ensure our security controls are meeting their objectives.
Perform internal security and vendor risk assessments.
Support Data Protection activities.
Support the Information Security teams and Business functions in maintaining security attestations, which include PCI DSS and SSAE18/SOC 2.
Provide effective reporting to the Head of Information Security Governance of trends, audit findings and risk ratings.
Perform internal and third-party vendor risk assessments, and write risk assessment reports.
Manage and analyze security controls, while understanding the risk of certain controls not being in place.
What we’re looking for:
Experience in an Information Security GRC related role, including writing Information Security related Policies, Processes and Procedures.
Knowledge of current information security standards, frameworks and regulations such as ISO27001, NIST, SSAE18/SOC 2, PCI-DSS, GDPR.
Third-Party Vendor Risk Management experience.
Good communication skills with ability to articulate compliance changes and experience in collaboration with internal / external stakeholders.
Nice to have (but not essential):
Knowledge of Vendor Risk Management tools such as OneTrust.
Any of the following: CISA, CRISC, or CISM certifications.
What is in it for me:
30 Day ‘work from anywhere’ policy.
Remote working for the month of August.
25 days annual leave, rising to 27 days after 5 years service (plus optional holiday purchase).
Pension scheme (various options available including employer contribution matching up to 7%).
Private Medical Insurance.
22 weeks paid maternity leave and 6 weeks paid paternity leave (once relevant service requirements complete).
Cycle to Work Scheme.
Opportunity to participate in Share save and Buy as You Earn share schemes.
Income Protection (can be up to 50% of salary for 3 years) and Life Assurance (3 x annual salary).
For more information and immediate consideration apply today.
Seniority level
Mid-Senior level
Employment type
Full-time
Job function
Information Technology, Consulting, and Other
Industries
Transportation, Logistics, Supply Chain and Storage, IT System Custom Software Development, and Software Development
#J-18808-Ljbffr