Senior Security Analyst
Job Title: Security Analyst
Job Type: Permanent
Salary: GBPCompetitive plus benefits
We are currently recruiting for a Senior Security Analyst to join the IT team!
The post holder will uncover a wide range of technical security vulnerabilities and advise the Information Security Manager on associated risks and potential remediation. The Senior Analyst will actively monitor the operations of IT in order to ensure appropriate security standards are maintained.
You will also might be engaged in Risk Management activities and Data Privacy Assessments for H&B Suppliers and projects.
- Review IT changes and provide input to the Change Advisory Board
- Support Cyber Security Team in developing and maintaining an assessment to provide assurance on the adequacy and effectiveness of the IT control environment to meet company Information Security standards
- Manage vulnerability scans (both Application and Infrastructure) and external PenTest engagements. Driving remediation efforts to reduce information security risks
- Manage H&B external security vendors and outsourced service providers; ensure delivery and performance meet agreed SLA and KPI
- Perform research of new threats, assessment and analysis on intrusion detection and prevention tools, firewalls, antivirus systems, proxy devices which requires demonstrable security incident response experience
- Create and maintain security operational reports for Key Performance Indicators and weekly and monthly metrics
- Conduct project assurance activities as required
- Execute daily adhoc tasks or lead security projects as needed
- Customer Focus
- Communication & Confidence
- Planning & Reviewing
- Attention to Detail
- Able to prioritise and effectively manage conflicting priorities
- Working in the IT security and security operations fields;
- Solid understanding of Risk Management, DPA and EU GDPR, PCI DSS and ISO 2700x standards
- Excellent understanding of applications security and relevant standards (OWASP);
- Knowledge of cutting edge threats and technologies effecting Web Application vulnerabilities, Endpoints, Infrastructure and recent threats
- Good knowledge of networking technologies (OSI, TCP/IP, Routing and Switching, Firewalls, IDS/IPS, DDoS, DNS, Load Balancer)
- Good knowledge of various operating systems (Windows/UNIX)
- Demonstrable experience of performing both internal and external vulnerability assessments
- Previous experience in Project assurance is beneficial
- Computer Science Degree or similar preferred
- Certifications from EC-Council, GIAC, (ISC)?? are preferred (CISSP, CISM, CEH, GCIA, CCNA- (Security) or above)
- Excellent communication skills, able to confidently converse with technical and non-technical stakeholders
Holland & Barrett is one of the nation's most loved and trusted brands, known for offering quality health food, vitamins and supplements all sold by highly trained and qualified advisors.
Bucking the current trend of high street retailers, we forecast significant growth and expansion plans in the coming years, with considerable investment going into all areas of the business. We certainly embrace change and drive speed in everything we do. Every day presents a different challenge, but every day is also filled with fun, teamwork and passion to succeed and surpass every expectation.
Join us and see how far you can go???