Junior Security Analyst - Flexible location, UK
Are accountable for GBG’s Information Security, Security Architecture, Security Compliance, Security Awareness, Security Operations and Information Security Risk Management.
Junior Information Security Analyst is a key member of the Information Security Risk and Governance team responsible for the support of GBG’s group wide ISMS and activities.
What you will do
• Support the delivery of the GBG cyber strategy, services, capabilities and group CISO across GBG.
• Assist the implementation of GBG Information Security services as part of the CISO function.
• Work as directed by the Information Security Governance and Risk Manager to influence and support the continual improvement of GBG’s global ISMS.
• Work as part of GBG’s Information Security Risk and Governance team across a number of security improvement work streams, which support various business units and geographic regions.
• Assist in coordinating and managing third party supplier security review process, scheduling and conducting reviews and audits, and associated risk management activities.
• Support the development of security procedures, processes in order to support service-level agreements (SLAs) to ensure that security services are managed and maintained.
• Works with information security leadership & IT teams to develop plans to enforce security requirements and address identified risks
• Manages relationship with GBG internal and external auditors
• A willingness to learn and develop, with the ability to manage expectations appropriately, building long-term relationships.
• Strong ICT skills including familiarity with Microsoft Office365 product suite (Especially Excel)
• Excellent communication skills and ability to interact with wider audience stakeholders across the globe.
• Open and honest communication, and ability to support team members within the Information Security team.
• Strong organisational skills and good attention to detail.
• Ability to prioritise work tasks in order to achieve objectives, hit milestones and complete project work within expectations.
• A good understanding of Information Technologies, including a focus on information security and cyber security.
• Ambition to stay up-to-date on IT security trends and security standards, and to develop skills and knowledge accordingly.
• An understanding of risk management methodologies.
• Knowledge of common information security management frameworks, such as ISO27001/2, ITIL, COBIT, PCI-DSS and, National Institute of Standards and Technology (NIST).
• Strong analytical skills to understand and interpret information security requirements and relate them to appropriate security controls.
• Experience to External & Internal RFP’s (Good to have)
• Exposure to audits from external sources, i.e. client requests, official bodies such as BSI, regulators (Good to have)
This role may require travel and working from multiple sites / locations. Willing and able to travel to participate in meetings, workshops, and other related activities (on Ad Hoc basis)