| Location | |
| Country: | United Kingdom |
| State/Prov: | |
| City: | London |
| Position | |
| Position/Title: | Information Assurance Analyst |
| Position Type: | Contract |
| Closing Date: | 2008-08-17 |
| Job Description: |
Information Security Analyst Reference No. SF-316 Company Global Insurance Group Location London Salary £300/day - £380/day Package 6 month contract Start Date ASAP No. Required 1 The Role Maintain appropriate business IT systems and applications security: • IT systems confidentiality, integrity and availability is maintained; in order to protect the business operation, brand and shareholder value; and; to meet; regulatory and legislative requirements • To ensure a cohesive & layered approach to security IT architecture & controls • To enable the Business to report and manage its technical security exposure and risk profile • To ensure new business systems and application internal and hosted meet security standards to protect the business • To manage and contain impact of security related incidents on business operation and to limit reputational damage Key Accountabilities Reviewing all new IT system and application implementations as well as infrastructure changes (internal and hosted) to identify & mitigate security vulnerabilities and risks with a proportionate solution; or to ensure acceptance of risk is clearly acknowledged. Support and manage third-party penetration testing and where required conduct security penetration testing. To participate in developing and implementing solutions for the information security management improvement programme and all other areas of IT and the business. Conducting information security due diligence on any required third-party and managing identified risks to closure. Working in partnership with IT infrastructure team to ensure third-party connectivity is securely implemented and managed. To identify and participate in all projects where Information Security input and resource is required. Implement and to manage (24 x 7 availability) IT Security incidents and investigation processes Assist Group Information Security Manager in resolution of technical internal and external audit points Implement and maintain logging and monitoring of key IT infrastructure and as part of day to day duties ensure audit logs are reviewed for exceptions and management reporting produced e.g. firewall logs, monthly perimeter scan results Development, implementation and maintenance of information security policy (incl IT Security standards, processes and procedures) and proposals Review and respond to all IT changes from a security perspective through the company change control system. Support and deputise for the Group Information Security Manager as required Person Specification Ability to understand how to articulate information security risk as business risk Demonstrable technical understanding of at least 5 of the following areas and related security products and technologies; Checkpoint Firewall-1, WAN, LAN, Wireless, Windows Server 200x, Active Directory, Web Proxy, Web application & infrastructure, VOIP, endpoint security, Anti-Virus/Spyware, IPS and logging and monitoring Understanding of Information security principles and relevant international standards e.g. BS ISO/IEC 27002:2005 and ISO/IEC 27001:2005 Certified Systems Security Professional\Certified Information Security Manager or equivalent Up to date appreciation of the technical requirements of the role e.g. Understanding of Wintel environments, Active Directory and IT business systems and applications. Demonstrable evidence of interpreting & manipulating data clearly and accurately with the ability to extract & clearly articulate key points First class report writing skills, ability to develop and present ideas and reasoned arguments clearly and concisely to various audiences Demonstrates excellent communication skills, a confident and articulate presenter to internal/external audiences, exercising appropriate discretion in dealing with people from all levels of the Company Experience of two of the following: vulnerability impact assessment, resolution and processes e.g. security patching, application reviews and infrastructure penetration testing |
| Job Requirements: | Please note that in order to apply for any vacancy in the UK, you will need either a valid EC Passport or valid Work Permit enabling you to work in the UK. |
| Contact Information | |
| Contact Directions: | |
| Company: | Information Security Solutions |
| First Name: | Iain |
| Last Name: | Sutherland |
| Title: | |
| Email: | iain (at) InformationSecuritySolutions (dot) com [email concealed] |
