Job Description
Provide operational security control services in accordance with the team's responsibilities- Provide expert information security advice that enables technology to be implemented in line with security policy and with an acceptable level of business risk-
Requirements
Technical Skills: · Technical depth and experience across a number of infrastructure disciplines and/or application technologies · Information security expertise generally and specialist expertise relating to specific infrastructure and/or application technologies- Experience of implementation of security controls, supported by CISSP or equivalent certification- · Experience of creating quality policy, guidelines and business case documentation for new initiatives- · Expertise and experience of security incident management and forensic examinations · Experience and understanding of an Investment Banking environment Experience of structuring and delivering change initiatives Additional Experience: · Infrastructure technology experience · Information security incident response experience
Responsibilities
· Perform operational security management activities as required, demonstrating strong security compliance and vulnerability management skills, including: * Review & approval of security-related change requests * Compliance monitoring & vulnerability scanning and oversight of remediation work * Maintenance & support of security technology solutions * Vulnerability, threat and patch management * Investigating security exceptions flagged by Controls Monitoring team * Management and participation in Information Security Incidents- * Preparation of regular formal reports to governance bodies- · Develop close working relationships with 'line teams' to ensure early visibility of technology change and high visibility of security responsibilities- · Assess residual risks relating to existing or new technology implementations or operations using the organisational framework, and register these risks as directed by the GBM Information Security Team Leader- Assist in the determination of action plans to address risks, including obtaining commitments from relevant staff- · Provide security consultancy relating to support BAU technology initiatives being undertaken by the department, by defining security requirements & objectives and providing support and guidance during design work to ensure solutions adequately address requirements & objectives- · Perform periodic security reviews of existing infrastructure, applications or offices to ensure acceptable solutions and processes have are implemented in line with policy and business risk appetite, and document the findings and recommendations- · Create and document guidelines on appropriate ways of implementing technology within GBM to comply with GIS security policy- Drive agreement on acceptable approaches and publicise results- Provide expert assistance on how to meet guidelines- · Manage and / or participate in the implementation of service improvement activities as required- · Implement and support security awareness initiatives as required Participate in On - Call and incident response activities as required-
The Individual
· Good communication skills · Self motivated team player
For additional information on this role click here
Security Analyst Role Profile-doc
| 
