Job description
Arcas Technology is partnered with a leading Property Management company based in Surrey who are currently looking for an experienced IT Security Analyst to join their business on a permanent basis.
You will play a vital role in bolstering the effectiveness of the clients safeguarding initiatives. This role involves fortifying the Information Security Program to shield its technology and information assets. Key responsibilities encompass strengthening the information security management system, supporting risk assessment procedures and monitoring external vulnerabilities.
Responsibilities:
· Enhance, sustain, and refine the information security management system (ISMS) and information security program to guarantee the confidentiality, availability, and integrity of all information assets.
· Oversee day-to-day management and enhancement of risk identification and mitigation strategies, addressing identified concerns both for the organisation and external suppliers.
· Contribute to the successful completion of external audits relating to information security.
· Adhere to various standards including ISO27001, ISO27017, ISO27701, ISO22301, Cyber Essential Plus, IASME Governance and NIST-CSF.
· Conduct and record internal audits to support the information security program.
· Manage Third Party Risk Management by consistently evaluating vendor security programs, striving to elevate the security risk management standards of our partners in the supply chain.
· Ensure compliance with legal regulations governing information security and follow industry best practices.
· Monitor various security operations toolsets, including SIEM, vulnerability management, endpoint protection, endpoint detection and response, intrusion detection, and threat intelligence.
· Generate security reports tied to information security governance, risk, and compliance.
· Manage the day-to-day growth and advancement of information security training and awareness initiatives.
· Support in identifying and rectifying corrective actions pertaining to information security.
· Contribute to the formulation of information security objectives and the strategic roadmap.
· Identify, document, and supervise information assets, including personally identifiable information.
· Effective teamwork and communication with stakeholders across both technical and business divisions.
Experience
· Demonstrable experience in information security governance, risk assessment, and compliance.
· Demonstrated background in information security operations.
· Proven track record of contributing to and working with an ISO27001-certified information security management system (ISMS).
· Sound understanding of the Cyber Essentials Plus framework.
· Proficiency in UK and EU data protection regulations, including GDPR and the Data Protection Act 2018.
· Comprehensive knowledge and/or hands-on experience in information and cyber security.
· Effective customer-facing skills and adept at stakeholder management.
· Highly organised with a methodical approach to task prioritisation and planning.
· Strong communication and organisational capabilities.
· Experience in problem-solving within a broader business context (business acumen).
If you believe that you are well-suited for this role, we kindly request you to submit your CV to Andy Dale at Arcas Technology.
Job Types: Full-time, Permanent
Salary: £75,000.00-£80,000.00 per year
Benefits:
- Company pension
- Gym membership
Schedule:
- Monday to Friday
Ability to commute/relocate:
- Surbiton: reliably commute or plan to relocate before starting work (required)
Experience:
- Information Security: 1 year (preferred)
Work Location: In person