IT Security and Compliance Analyst

IT Security and Compliance Analyst Chippenham, South West England, England

Holman
Full Time Chippenham, South West England, England 21000 - 34998 GBP ANNUAL Today
Job description

At Holman, we exist to provide rewarding careers and better lives for employees and their families. We hire, train, empower, and reward exceptional people. Our journey is guided by our desire to get it right every time and the acknowledgement that we have an opportunity to be better. To be better, we have to do better, and to do better we must know better. That’s why we are listening, open to learning new things – about ourselves and each other. We will never stop striving for improved diversity, equity, and inclusion because we are successful together when we feel trusted and supported. It’s The Holman Way.

At Holman, your total compensation goes beyond your paycheck. To position you for success and provide a rewarding career and better life for you and your family, Holman is proud to offer you the benefits you deserve; including protection against illness, disability, loss of work, or preparation for retirement. Below is a brief overview of these programs (programs may vary by country or worker type):

Health Insurance

Dental Insurance

Life and Disability Insurance

Flexible Spending and Health Savings Accounts

Employee Assistance Program

Retirement Plan

Paid Time Off

Tuition Reimbursement

Position Title (Job Code): IT Compliance Analyst

Grade Level:
FLSA Status (Applicable Exemption): N/A
Principal Work Location: Chippenham/ Birmingham UK
Department: Information Technology
Reports to (Title): TBD
Number/Type of Employees Supervised: None

Principal Purpose of Position:
Works with fellow team members and other departments to address customer assurance requests, preparing responses to customer inquiries.
Work with senior managers across the business to drive the information security agenda and ensure that it meets complex compliance requirements.
Works closely with Senior Analysts supporting compliance, regulatory, vendor and cyber-maturity assessments and reporting.
Provides direct support for control activities such as access reviews, data mapping and vendor assessment.
Works toward, establishes, and maintains a firm knowledge of data security practices and relevant regulatory requirements.
Assist with the development of control frameworks to meet business and regulatory requirements
Participates in project reviews, working with business representatives, technical staff, suppliers, and project team members to evaluate information security requirements, and to help mitigate potential exposures.
Provides support for contract review and negotiation of information security and privacy requirements.
Monitors and promotes compliance with information security policies and standards. Recommends changes to policies, standards and procedures.
Consult with IT colleagues to ensure that security is factored into the evaluation, selection, installation and configuration of hardware, applications and software
Supports UK DPO in providing technical expertise in relation to UK GDPR, Data Protection Act 2018 and PECR 2003
Ad hoc tasks as required by the business
Perform all other duties and special projects as assigned.

KNOW-HOW

Sound analytical judgement, self-motivated, attention to detail, ability to manage deliverables against firm timelines, and commitment to producing results.
A motivated self-starter that is able to work independently and in a team environment.
Strong verbal and written communication skills.
Knowledge of information security & control frameworks e.g., NIST, ISO 27001/27002 a plus.
Familiarity with regulatory and compliance mandates e.g., PCI, CCPA, GDPR a plus
Proficient with Microsoft Office suite of products

Education and/or Training:
At least one industry certification (e.g. CISA, CISM, CRISC, CISSP, ISAAP) a plus

Relevant Work Experience:
5 years of combined Information Security and Technical Administration Experience.
Proven experience in an information security role including experience of developing Information Security policies and plans.
Working knowledge of General Data Protection Regulation (GDPR).
Experience with information security internal & external audits and contract compliance.
Good understanding of system technology security testing (vulnerability scanning and penetration testing.
Excellent understanding of information security concepts, protocols, industry best practices and strategies.

Planning/Organizing/Managerial Knowledge:
Proactive and committed to finding a solution, with ability to use initiative and common sense
Experience of planning, prioritising and organising the work of yourself and others, delivering to tight deadlines whilst ensuring the effective use of resources
Strong ability to organise assignments and work efforts to meet schedules and deadlines
Strong analytical skills for effective problem solving and trouble shooting

Communicating & Influencing Skills:
A positive, proactive and adaptable communication style
Strong verbal and written communication skills with a focus on the ability to communicate technical issues to a diverse non-technical audience
Strong ability to grasp issues quickly and make educated, critical judgments across most business process
Committed to delivering excellent customer service within the parameters agreed
Able to communicate ideas and plans in a clear and concise manner

PROBLEM SOLVING

Indicate those statements that describe the process by which this position solves problems. Show the % that the relevant statement represents among all problem solving done by this role. The sum of percentages indicated for each category should equal 100%. For each relevant statement, give an example of a problem and the method of resolution.

The problems are similar to each other and have a limited number of predefined solutions. Standing procedures/plans and/or a structured routine directs the problem solving process.

% of all problems: 50%
Example: Security assessment required as part of new business or partnership; consult with business SME’s to complete assessment. Manage the process through to completion, providing ultimate sign-off

The problems encountered are dissimilar and typically have a number of solutions. The solutions may be derived from a general plan or a flexible routine may be utilized to solve problems of this type.

% of all problems: 30%
Example: Requirement to assess new software or hardware vendor as part of a new business project. Complete assessment using standard process, making recommendation to the business, bringing awareness to any risk.

The problems encountered are unique situations and there is an unlimited number of solutions, many of which are unknown. There are no procedures or routines to follow, but only broad policies to guide the problem solving process.

% of all problems: 20%
Example: Annual review of all security policies and procedures, updating in line with any legislative or internal business changes. Audit business processes to ensure compliance with policies.

ACCOUNTABILITY

This describes the extent to which this position is answerable for actions and their consequences. It measures the effect of the job/role on end results.

For each type of Accountability, indicate an approximate dollar value of impact and whether the role has a Direct impact (controls end results or shares control with peer positions) or Indirect impact (generally informational, interpretive, analytical, or enables others to take action). If no dollar value can be determined, enter Non-Quantifiable instead of an amount.

Sales

$ value: Non-quantifiable
Direct/Indirect: Indirect

Selling, General, & Administrative

$ value: Non-quantifiable
Direct/Indirect: Indirect

Manufacturing

$ value: Non-quantifiable
Direct/Indirect: Indirect

Project Management

$ value: Non-quantifiable
Direct/Indirect: Indirect

Assets

$ value: Non-quantifiable
Direct/Indirect: Indirect

Other (Please specify):
$ value: Non-quantifiable
Direct/Indirect: Indirect

List statements which describe the primary results/outputs for which this position is held accountable. Please limit the list to 5 or 6 statements.

Review security assessments and make recommendations, identifying any risk
Carry out internal audits of systems and process and make recommendations for improvement
Define, document and publish policies based on regulatory compliance, ensuring wider business awareness
Improve general awareness of security compliance throughout the business
Meet annually set individual goals

Holman is a global automotive leader that serves both commercial and consumer clients The Holman Way by always doing the right thing for our people, our customers, and the community since 1924. The Holman story began nearly a century ago as a single Ford dealership in New Jersey. Today, Holman, headquartered in Mount Laurel, New Jersey, is one of the largest family-owned automotive service organizations in North America with more than 6,500 employees across North America, the UK, and Germany.

Holman delivers a unique range of automotive-centric services including industry-leading fleet management and leasing; vehicle fabrication and upfitting; component manufacturing and productivity solutions; powertrain distribution and logistics services; commercial and personal insurance and risk management; and retail automotive sales as one of the largest privately owned dealership groups in the United States. Guided by its deeply rooted core values and principles, Holman is continuously Driving What’s Right.

Holman provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.

This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.

IT Security and Compliance Analyst
Holman

http://www.holman.com
Mount Laurel, United States
Carl Ortell
$2 to $5 billion (USD)
5001 to 10000 Employees
Company - Private
Motor Vehicle Dealers
1924
Related Jobs

All Related Listed jobs

Receptionist
Delta By Marriott Nottingham Belfry Nottingham, England 10.42 GBP HOURLY Today

Working as part of a small reception team, youll deal with all guest requests and provide everyone with that VIP treatment.

Plant Care Specialist / Plant Technician
Confidential Plantscaping Company Sunnyvale, CA 19 - 25 USD HOURLY Today

- Drive to the accounts in your own insured vehicle (route mileage reimbursed at federal rate, currently, 59 cents per mile)*. - Have a valid Drivers License*.

Tesco Colleague - Phone Shops - Fareham Superstore
Tesco Fareham, England 19232 - 25048 GBP ANNUAL Today

Delivering a great shopping trip for customers every day, following all opening and closing routines, ensuring all facilities are in a good working order and

food service worker
J D Wetherspoon Rutherglen, Scotland 22298 - GBP HOURLY Today

The ideal applicants

We're looking for fun, enthusiastic, passionate people to join our hard-working teams. We recruit for personality and, as...

Construction Site Labourer
Crownstone Preservation London, England 13 - 16 GBP HOURLY Today

Crownstone* have a fantastic opportunity to work for a *specialist waterproofing/damp-proofing* contractor, operating throughout London and the Home Counties.