Investigo's key client based in Guildford is seeking an experienced Information Security Compliance Analyst to join an existing team.
- Undertake gap analysis of against Information Security Policy, Functional rules and practice documents.
- Develop a programme of work to address the gaps in Compliance
- Work with key stakeholders across the organisation and associated partners to address the identified gaps
- Assess and report on the risks associated with the gaps in compliance
- Compile monthly balance scorecard and MI/Metrics reporting for the Chief Information Security Officer
- Where appropriate, with the Information Security Compliance team, develop and implement wide amendments or supplements to the information security framework to meet UK regulatory, legislative, and business information security requirements
Key skills and Competencies
- Knowledge of ISO 27001, understanding of other good practice security industry standards e.g. NIST, ISF Good Practice
- Working knowledge of other security areas e.g. business continuity, physical security, and data protection.
- Performing attestations to pre-defined compliance requirements including identifying remediation activities
- Working in the security field, including due diligence and compliance
- Ability to translate IT risk language into business language
- Ability to build and maintain relationships
- Experience within the financial services industry
- Excellent written and verbal communication skills
- Flexibility, with the ability to manage multiple actions at once
- A positive attitude and willingness to take responsibility with a "Growth Mindset"
- Involvement in risk assessments with resultant reporting and remediation
- Basic understanding of information security through previous qualifications or experience