Senior Security Assurance Analyst
Advanced | IT Services
Senior Security Assurance Analyst
Advanced is the UK’s third largest provider of business software and services with a £254m turnover, 16,000 customers and 2,500 employees. We provide enterprise and market-focused solutions that allow our customers to reimagine what is possible, innovate in their sectors and improve the lives of millions of people in the UK.
Advanced solutions help to care for 65 million patients in the UK, send 10 million sports fans through the turnstiles, manage over £1 billion in charity donations, support 2.5 million students and get over 1.2 billion passengers to their destinations on time.
We support both Public and Private Organisations in Healthcare, Business, Education, Sports, Finance, Transport and Legal, covering everything from local Government and Charities through to Critical National Infrastructure and Large organisations.
Information Security is a key requirement of any business and even more so for Advanced. To do this we need to challenge the status quo, collaborate, standardise and automate in order to build and improve relationships with our current and future clients.
The Security Assurance team are responsible for the delivery of Information Security knowledge and guidance across the business, ultimately enabling services to our customers. You will be part of a wider team covering all aspects of Information Security and reporting into the Director of Security and Compliance.
Main Duties and Responsibilities
This is an Information Security Assurance role with a strong focus on people, process and tooling; your remit will cover all aspects of Information Security Management.
· Manage - Manage the provision of Information Security Assurance to our customers.
· Information Risk- Streamline the information risks faced by customer and add value by defining the high risk areas to focus on which will reduce the most amount of risk.
· Security Assurance – Advise and guide the remediation of risks identified through pragmatic control definition taking cost and technical aspects into account.
· Incident Management – Help customers manage information security related incidents though liaison with Advanced teams and pragmatic advice. The focus on communication is a key aspect of this task along with expectation management.
· Provide – Insight, Service and Transparency; Insight to drive decisions, empowering us to deliver continuous improvement and innovation to our customers, Service through listening to our customer’s needs, owning our customers concerns and delivering robust solutions quickly, Transparency so our customers know exactly where their requests or incidents are in the process.
· Advice - Provides advice and guidance associated with the planning, design, implementation and improvement of Information Security taking account of current best practice, legislation and regulation.
· Legal - Contractual and Legal governance support and improvement from the Information Security team.
· Improve - Continually improve services and skills.
Skill and Knowledge Requirements
We are looking to employ someone who has drive and a self-starting mentality who will independently own the issues and find pragmatic resolutions to challenges.
You will be able to demonstrate the following:
· Degree or Professional Industry experience.
· Professional Information Security qualifications (CISSP) – Essential.
· Knowledge of Data Protection Act (2018) / GDPR, CCSP, CRISC, ISO 27001, Security Testing and SSDLC would be an advantage.
· Excellent communication skills and the ability to influence colleges.
· Be able to demonstrate the skills, knowledge and experience necessary to hit the ground running.
This role is a customer facing role and you would be required to deal with multiple information security challenges in different environments.You will be supported by a wider Security and Compliance team covering testing, operations, compliance and assurance aspects. There are development opportunities associated with the role