Information Security Analyst

This job has now expired please search on the home page to find live IT Jobs.

To support and maintain the organisations EMEA's information security management system. The role sits within the scope of the organisation's ISO 27001 certified information security management system.Client DetailsGlobal pharamceutical company operating in EMEA, North America and Asia. Production of various treatments such as Gastroesophageal reflux disease, moderate Dementia for Alzheimers patients, Metastatic breast cancer and much more.DescriptionPerform comprehensive third-party supplier information security due diligence assessments in a timely manner, report on results and recommend remediation actionsPerform information security risk assessments and risk management activitiesManage and support information security events and incidents through to resolutionManage the information security awareness training program, to ensure all employees develop and maintain an awareness about and comply will all applicable Information security policies, procedures, laws and regulationsSupport Eisai corporate compliance with the General Data Protection Regulation (GDPR) from an information security perspectiveSupport the information security / IT audit processes for ISO 27001 and other compliance requirementsSupport the creation, implementation and maintenance of IT/information security standards, policies, processes and procedures in accordance with the IT/information security control frameworks such as ISO 27001Monitor, analyse and reporting on information security-based management metrics, in many cases using information security technologies such as DLP and SIEMMaintain awareness of new and changed security threats through review of specialist sites such as NCSC, CERT, etcProvide information security consultation, advice and guidance for Eisai EMEA business activities and projectsCollaborate with global and regional compliance and information security teams on information security and data privacy initiatives and events as required.Any other IT/information security tasks as requested by Manager or Director.Profile Qualifications and Education required:Degree qualified desirableProfessional information security membership and certification is desirable but not essentialISO 27001 Lead implementer / auditor certification desirable Experience required:Good knowledge of a broad range of IT technology platforms, products, services.Experience in an IT security / governance, risk and compliance-based role / information Security ManagementKnowledge & experience of developing and performing information security due diligence assessments of third-party organisationsKnowledge & experience of conducting risk assessments/business impact assessmentsPractical experience of developing and executing remediation plans to address vulnerabilities/security risks and to achieve compliance with information security standards/IT control frameworks such as ISO 27001Demonstrated experience of audits to achieve compliance with information security standardsDemonstrated experience in implementing and managing effective ISMS controlsDemonstrated experience of working with external service providers within an information security role.Business/customer facing experienceProven track record of working both in a team and independentlyJob Offer6 month fully remote contract Inside IR35 paying up to £719 p/day DOE.