Senior Information Security Analyst - Project Assurance

15 Apr 2018
18 Apr 2018
Job Type
Contract Type
There's a whole lot more to technology at Sainsbury's than meets theeye. In this vital role at the forefront of Information Security, you'llfind we're as much a Digital and Technology company as we are aSupermarket Chain. And as we continue our digital transformation, you'llbe at the heart of it.You'll discover a business with a Cloud-first approach, embracing thelatest technologies. We're ahead of the game in methodology too,building a DevOps culture and embedding Agile working. Our Digital andTechnology teams develop an extraordinary variety of products andservices spanning our supermarkets, online shopping, and our financeofferings through Sainsbury's Bank. They power a diverse back office,too - from logistics and store support, through to HR apps. Information Security is crucial to our success in all these areas. Sothe scope to develop a rewarding career is every bit as big as ourambitious plans to develop new apps and services. As an experiencedSenior Information Security Analyst, you'll be a trusted consultant tothe business. Your brief will span security assurance, business asusual, and a diverse portfolio of IT projects. Working closely withproject and programme teams, including Security Architects, TechnicalDesigners and Product Owners, you'll see that projects are deliveredsecurely and compliantly, protecting all sensitive data. Put simply, youwill make sure the right security controls are always built in.Supporting in-house development utilising Agile and Waterfallmethodologies, a strong knowledge of security testing will beparticularly important. You'll review projects; provide options on thebest security solutions; engage with external and internal securitytesting resources to agree the scope of testing required; coordinate thetesting process; explore the results, then assess and mitigate the risksin collaboration with the project team. The difference you make will behuge. So what are we looking for?Equally confident working solo and as part of a team, your end-to-endproject engagement skills as a dedicated Security Analyst aresecond-to-none. You'll have a flair for managing stakeholders, with atalent for clear and persuasive communication - especially when youraudience doesn't share your technical security expertise.Naturally, we'll expect you to have an impressive track record ininformation security assurance and compliance, with the skills andknowledge to work independently. Comfortable in a Hybrid environmentlike ours, you will ideally be familiar with On-Premise Data Centreinfrastructure and various Cloud Service Providers.We'll expect you to have a CISSP or CISM. In addition, CRISC, CCSP, CEHor an equivalent would be an advantage. You'll demonstrate the skills,knowledge and experience necessary to hit the ground running in everyaspect of your brief, once you have rapidly familiarised yourself withour project assurance and risk management processes. Your expertisespans IT architectures and concepts including Cloud, BYOD and MobileDevice Management; OWASP vulnerabilities, tools and methodologies; HTTP,SSDLC and Security Testing, and PCI, DPA and ISO27001. If you've got everything we're looking for, we'll give you the mostrewarding role of your career so far. And while we're sure you'll bepleasantly surprised by the scope of all we do, rest assured theopportunities for development are as great as you'd expect from a majorbrand like Sainsbury's. #LI-LS1 - provided by Dice AGILE, CCSP, CEH, CISM, CISSP, CLOUD, INFORMATION SECURITY, ISO27001, LOGISTICS, MOBILE, RISK MANAGEMENT