We are looking for an Information Security & Assurance Analyst to join our small team based at our Head Office in Basingstoke, Hampshire.
Reporting to the Information Security & Assurance Manager, you will play a key role in our information security activities, ensuring the confidentiality, integrity and availability of both De La Rue's and our customers' information security assets. You will be the first point of contact for routine, day-to-day enquiries, and will be expected to give guidance and assurance to our employees, escalating to the Information Security & Assurance Manager where needed.
Key Responsibilities
- Act as the first point of contact for security-related queries from employees, customers, and third-party suppliers on matters of information security.
- Gather, monitor and process information relating to information security threats and analyse this to produce threat intelligence and identify corrective activity.
- Conduct regular risk assessments and organise vulnerability scans in line with Group Risk methodology.
- Organise penetration tests and coordinate remediation plans to address identified issues.
- Support investigations into information security incidents, ensuring timely reporting, escalation, and resolution.
- Support containment and recovery efforts to minimize impact and restore operations.
- Be involved in business recovery programmes, where appropriate.
- Provide input and support during both internal and external audits.
- Plan and perform audits against customer, regulatory, ISO standards and policy requirements, including remote and overseas sites and suppliers when required.
- Communicate findings from internal and external audits to technical teams and ensure action plans are in place.
- Ensure all policies and procedures are regularly reviewed, tested, and aligned with compliance requirements. Be involved in the writing of new documentation as may be required.
- Remain up to date and fully conversant with key customer information security and assurance requirements.
- Deliver and/or organise security awareness training to individuals and groups, fostering a security-conscious culture. Monitor completion rates of training and escalate non-completion issues when required.
- Collaborate with IT, software development, and business teams to embed information security into project lifecycles.
Contract type: Permanent
Working hours: 36.5 hours per week – Monday to Friday
Base Location: Basingstoke, Hampshire
Skills, Qualifications and Experience
- Experience of working within a general IT Service Desk, IT Security or Audit environment is advantageous.
- ISO 27001 Lead Auditor qualification highly advantageous; however, training can be provided if a suitable applicant does not already hold this qualification.
- Must be able to achieve UK Govt. Security Clearance.
- Organised approach to tasks, with ability to prioritise activities.
- Have a keen attention to detail.
- Have a professional etiquette and demeanour to be able to represent the employer appropriately.
- Be able to travel domestically and internationally to perform duties of the role.
- Able to work as part of a small team, supporting ad-hoc tasks when required.
- Knowledge of risk assessment principles is desirable.
- General awareness of current technological trends and developments in the area of information security and data protection (technical and organisational measures).
- Awareness of general and security technology and standards, such as server security, firewalls, networks, TCP/IP, encryption etc.