Back to Job Search

Senior Compliance Analyst - Inside IR35

  • Location Guildford
  • Job-type Contract
  • Reference BBBH112706
  • Salary £450 - £600 per day
  • Specialisation Technology
  • Posted February 08, 2021

Investigo's major client based in Guildford is seeking an experienced a senior Information Security Compliance Analyst This role will require frequent attendance at each of the primary office locations of Guildford and Bournemouth. Reporting into the Governance, Risk & Compliance Manager, this role will manage a small team to deliver aspects of information security for the business, including

  • Gathering and reporting of attestation to central function and regulatory requirements on an at least an annual basis, identifying improvements and implementing those as directed
  • Identity Access Management is controlled to minimise risks, and identify and improve access control across the network. data and appropriate applications based on risk posed to the business
  • Annual submission for PCI compliance
  • Providing support as required to all internal audit activities, taking responsibility for getting any actions arising for the Information Security function resolved and reported
  • Manage the team to deliver this effectively whilst ensure individuals develop and perform to improve the offering to the business alongside their personal career development

Skills and Experience:

To be a success in this role, you will have experience of Information Security Management System compliance attestation in a federated/regulated business, as well as the following:

  • ISO27001 Auditor or equivalent qualification
  • Identity Access Management strategy development and implementation experience
  • Proven experience of team management and people development
  • Experience in establishing and operating a proactive and continual compliance programme, including PCI compliance delivery
  • Working knowledge of the breadth of Information Security aspects, including business continuity, physical security and data protection
  • Previous use of a GRC Tool
  • Able to translate IT risk language into business language
  • Able to build and main relationships and influence key stakeholders across the business
  • A creative and analytical mind with good customer interfacing and excellent communications skills