Information Security Analyst
Job Introduction
About the role
At Tarmac, ‘who you are’ matters. We want to get to know you. If you share our values and are proud of a job well done, collaborative in working well with others and ambitious to make things better, then have a read of what we have on offer.
We are currently looking for an ambitious and enthusiastic Information Security Analyst to join our IT team based in Solihull, West Midlands. Flexible/Hybrid working available.
The role is responsible for the cost-effective protection of corporate Information assets. It defines the approach, develops the framework and implements & monitors our Information Risk and Security Strategy.
It also provides assurance to IT and Business projects and will help develop a culture of security awareness and practice.
This role works closely with all areas of IT, to ensure that an effective approach to Risk Management is adopted and works in both a detective and preventative capacity in risk identification and treatment.
In addition, it owns relevant SOx controls, including managing the relationship with internal and external information security auditors and acts as a deputy for the Communications & Information Security Manager when required.
Role Responsibility
- Provide security guidance in all stages of IT project and change delivery and develop a reputation for operational excellence
- Develop a culture of security awareness and practice throughout the organisation, delivering regular communications and refresher training to staff
- Take the lead on all matters relating to Cyber Essentials and other government and national accreditations.
- Assess IT security risks and ensure that proportionate and cost-effective measures are in place to protect corporate assets and reputation.
- Manage regular major incident rehearsals
- Provide managerial and technical guidance for all relevant security requirements in complex IT environments
- Build, configure, test, and maintain security policies and procedures/processes
- Report on security performance to managers and executives
- Own IT security incident identification, tracking, and reporting
- Establish an effective application level security framework
- Be responsible for responding to system audits including all regulatory, compliance, and internal audit requirements
- Monitor security policy compliance among employees, contractors, and 3rd parties
- Perform security assessments, as well as tool evaluations
- Work with IT management to determine acceptable levels of risk for IT, aligned to the overall enterprise risk appetite
The Ideal Candidate
Experience & qualifications
To be successful in this role you'll need:
- To be degree level educated or able to demonstrate the appropriate experience within an equivalent role
- Relevant security qualification eg: CISSP/CRISC/CISM/CISA etc:
- To be ISO27001 certified and ITIL certified/trained and GDPR aware
- To be passionate about IT Security - keeps up-to-date with industry trends
- To be an effective communicator to both technical and non-technical audiences
- To support innovative thinking
- To be adept at defining & building system solutions from business requirements
- Experience in creative systems design and its rigorous implementation
- Developed problem analysis and solving skills
- To possess a risk-responsible mindset
Why Us
We offer an extensive range of career development opportunities and industry-leading rewards, incentives and benefits:
- Bonus scheme
- Enhanced holiday entitlement
- Contributory pension scheme
- Access to the Tarmac Reward website with discounts on retailers, holidays, etc.
- Access to our Employee Assistance helpline for free and confidential advice
- Access to join our Employee Communities inc. LGBTQ+; Working Parents
- Training and development opportunities
Interested? Why not click here to find out more? Go on… are you ready to build your future?
Tarmac Trading Limited