Information Security Analyst

Our client is seeking an Information Security Analyst to join their cyber security function, with a strong focus on vulnerability management, assurance and compliance.

Reporting into the Head of Information Security, this role plays a key part in identifying, assessing and reducing cyber risk across the organisation, working closely with internal technology teams, managed service providers and third-party security partners.

Key Responsibilities

• Manage vulnerability management and remediation activities across applications and infrastructure
• Coordinate penetration testing, remediation and assurance activities with third parties
• Support ongoing PCI DSS compliance, including assessments, evidence and control testing
• Configure and operate security tools, including vulnerability scanners and endpoint protection
• Monitor and respond to security incidents, escalating to SOC teams where required
• Conduct security risk assessments, audits and contribute to risk management frameworks
• Implement security policies, procedures and develop operational playbooks
• Act as a key security point of contact for internal teams, MSPs and security partners

Experience:

• Proven experience in Information Security, Vulnerability Management or Security Operations
• Strong understanding of vulnerability assessment, patch management and remediation processes
• Knowledge of secure web application principles (OWASP Top 10, SANS 25)
• Experience with application and infrastructure security, including:
  Firewalls, Web & Email Security, AD / Group Policy, MFA, DMARC, DKIM, SPF
• Good understanding of network and cloud security concepts (DMZ, TCP/IP, Cloud platforms)
• Solid awareness of current cyber threats, risks and mitigation techniques

Desirable:

• Experience supporting PCI or other regulatory compliance frameworks
• Exposure to managing penetration testing programmes end-to-end
• Ethical hacking or information security certifications (e.g. CISSP, CCSP, Microsoft Security)
• Experience with Microsoft Azure, Office 365, Endpoint or Cloud Security tooling

Please apply now if you are meeting the above criteria or contact Andrew Harrison directly.

Skills:
InfoSec Cyber Security Vulnerability Compliance Application Infrastructure

Benefits:
Work From Home

WHJS1_NI