Cyber Security Analyst (1955)
- Location: Gloucester
- Duration: Permanent
- Working hours: 35 hours per week, Monday to Friday
- Application end date: 28/02/20
About the role
To deliver a Cyber Security & Business Continuity service to all areas of EIO across UK & Ireland complying with Industry Standards (e.g. ISO27001). Driving operational resilience across all relevant SBU’s in line with regulatory standards.
- To support the Cyber Security Consultant in defining and maintaining the Groups overarching cyber security standards and ensure that these are adopted on a Group wide basis
- Participate in Business & IT Projects as directed by the Cyber Security Consultant providing technical advice and challenge on all aspects of Cyber Security within timescales and budget.
- Produce written reports highlighting Cyber Security risks and recommending areas of improvement internally and externally.
- Perform Internal Audits relating to Cyber Security risks across Business and IT and produce relevant Audit actions
- Allocated Cyber Security support calls to be addressed within SLA
- Perform Due Diligence on External Suppliers providing appropriate feedback to the Business Owner and Supplier and produce risk recommendations that protect and enable the business.
- To support the Cyber Security Consultant in managing internal and external exercises to verify our compliance to Cyber Security standards and policies and report findings.
- Working with the Cyber Security Consultant in managing Cyber Security incidents, taking control when the Cyber Security Manager is not available including out of office hours and provide reporting of events
- Contribute to the delivery of Cyber Security awareness and education programme in line with identified business needs
- Provide consultancy on Cyber Security to others areas of the Group for both planned and ad-hoc activity
- Liaise with other areas of the Group, providing expertise, assistance and guidance to ensure that all aspects of Cyber Security is considered by the other areas.
- As directed work with Human Resources to identify and monitor breaches of policy leading to potential loss of confidential/commercially sensitive material
Key Performance Indicators
- Maintain regulatory compliance across all areas of UK and Ireland for Cyber Security and Business Due Diligence on External Suppliers
- Minimise the impact of any Cyber Security incidents which take place
- Highlight any risks or compliance issue to the appropriate areas when they are identified.
Knowledge, Skills & Experience
- Qualified, working towards or desire to study CISSP, CSLLP, CISM, CISA, QiCA other IT audit qualification or equivalent
- Thorough understanding of the concepts and, preferably, current experience of working in Cyber Security
- Experience in managing stakeholder relationships at all levels
- Excellent Analytical, Problem Solving, Decision Making and Judgement skills
- Flexible, resilient and able to work under pressure