Information Security Risk Analyst - London, Victoria

Job Type IT
Region London
Location Victoria
Preferred Hours Full Time
Partnership Level
07
Closing Date 25/8/2019
Vacancy Type
Permanent
Salary £46,600 - £63,000
Salary Frequency per annum
Hours of Work
35 hours per week
Monday-Friday
09:00-17:30

Duties & Responsibilities

We're looking for a Senior Security Analyst (Internally known as ITL4 Security Analyst) to join our Information Security team in London, Victoria. In this role you will identify, assess and help manage information security risks across the Partnership by ensuring compliance of project deliverables and BAU services with applicable regulations, policies and standards on information security.

The John Lewis Information Security team ensures that security is delivered by design. We work on multi-faceted projects within the business providing security focused consultancy ensuring that the Partnership's infrastructure and information assets are protected. We work with internal business stakeholders and Third Parties to undertake security risk assessments and identify acceptable levels of residual risk.

Job Requirements

Using proven information security experience, you will be working independently on projects, providing guidance and ensuring that these are delivered securely, protecting customer, employee and business sensitive data and ensuring compliance with Information Security policies and standards.

Possessing strong analytical, communication and consulting skills, you will be expected to engage with internal stakeholders providing advice on security requirements and drafting risk assessments for Business sponsors/Data owners. Strong knowledge of Information security and related infrastructure and application technologies will be required to help inform pragmatic risk management decisions.

Required essential experience skills and qualifications

- Demonstrable experience in an Information Security role following a structured Risk management framework
- End to End Information Security Project Assurance experience
- Experience developing security policies/standards
- Experience of one or more Information security and privacy regulations and standards and application of best practice e.g. PCI DSS, ISO 27001, SABSA, COBIT, DPA/GDPR etc
- Experience of third party assurance

Required desirable experience skills and qualifications

- A recognised Information Security certification e.g. CISSP, CISM, CRISC, CISA, SABSA
- Experience conducting IT/Information Security Compliance assessments e.g. ISO27001, PCI, SOX etc.
- Experience of administering operational IT security controls in an organisation e.g. firewalls, DLP, NAC, IDS/IPS, SIEM, Vulnerability Management etc.
- Experience of using a GRC tool

*Please note that this role will require travel to our Bracknell Office on occasion.

Internal Use Only
#LI-JLPGR
#LI-MH1

APPLY NOW  

Latest opportunities

Mushroom Picker - Leckford Estate
  • Leckford, South East England
  • £8.40 - £10.00
  • Closing Date: 27/8/2019
Senior Software Quality Engineer
  • Victoria, London
  • £59,200 - £87,300
  • Closing Date: 25/8/2019
Production Operative, Milk Processing, Leckford Estate
  • Leckford, South East England
  • £8.71 - £10.87
  • Closing Date: 27/8/2019