Online since 1999 | 12,130 IT Jobs Live NOW

Senior Information Security Analyst / Senior InfoSec Analyst

Premium Job From Yorkshire Water
Recruiter: Yorkshire Water
Listed on: 18th January
Location: Yorkshire
Salary/Rate: £37339 - £46674
Type: Permanent
Start Date: ASAP

This job has now expired please search on the home page to find live IT Jobs.

Senior Information Security Analyst / Senior InfoSec Analyst
Salary: £37,339 to £46,674 + pension + 25 days holiday
Water is the lifeblood of Yorkshire. 5 million customers use it every day, to make a round of brews, clean a mucky pup or get the washing on. 140,000 businesses rely on it to make steel, style hair or brew pints. And behind every river, reservoir and coastline looked after, every brew made, and every business supplied is Yorkshire Water.
At Yorkshire Water we believe technology holds the key to making the most of this precious resource, and taking care of it, now and in the future. We have a five-year plan that will see us investing heavily in our Technology. Enabling us as a department to focus on our capabilities, increase our delivery and responsiveness for our customers and develop skilled technical and data experts.
The Security, Service and Operations team delivers change quickly, operates our IT services securely and embraces new technology to drive service excellence for our 5 million customers and 3,500 colleagues.
We are now looking for a number of Senior Information Security Analyst / Senior InfoSec Analyst to join us on this journey. This means no two days will ever be the same but as a Senior Information Security Analyst / Senior InfoSec Analyst you will need to really own it and can expect your role to involve:

Maintains security administration processes and checks that all requests for support are dealt with according to agreed procedures.
Provides guidance in defining access rights and privileges.
Investigates security breaches in accordance with established procedures and recommends required actions and supports / follows up to ensure these are implemented.
Contributes to the creation and maintenance of policy, standards, procedures and documentation for security.
Obtains and acts on vulnerability information and conducts security risk assessments, business impact analysis and accreditation on complex information systems.
Investigates suspected attacks and manages security incidents.
Provide proportionate and relevant technical security advice and guidance to non-security professionals across the business to ensure security requirements and considerations are taken into account across multiple workstreams, Advice such as;

Penetration testing and vulnerability scanning as part of the project lifecycle.
Security due diligence of suppliers and ongoing assessments.
Embedding vulnerability scanning where appropriate within the IT department, for example within software development or server deployment.

Provide technical risk assessment information to the Information Security Manager to support the  information security risk register.

It goes without saying that we are looking for individuals who are great communicators and comfortable conversing and influencing senior leadership stakeholders. A Senior Information Security Analyst / Senior InfoSec Analyst who fosters a culture of excellence by defining and refining methods, standards, governance and assurance and is a technical expert and champion of data, technology and analytics throughout everything they do.
What skills are we looking for

A proven understanding of information security and previous experience of working in an InfoSec or SOC (Security Operations Centre) environment.
Relevant IS industry recognised qualification such as (ISC)² CISSP/CISM, or working towards this.
Detailed understanding of current IS technologies, vulnerabilities, exploits, exposures and malicious behaviours.
Experience of utilising cyber security tools.
Understanding of information security defence and intelligence frameworks such as Cyber Kill Chain, MITRE ATT&CK, etc

Desirable

Practical experience of carrying out information security compliance reviews/ audits
Experience with common IS management frameworks, such as International Standards Organisation (ISO) 27001 and PCI DSS.

How we go about doing our job really matters to us. We all care about what we do, so whatever we're working on we own it and make sure it gets done. We don't just do this on our own as we know that we're better together - whether that's with our colleagues, customers, communities or stakeholders we use the power of people to make amazing things happen. And we're not afraid to try new things, challenge ourselves and others - we're always learning as that's how we'll improve.
We're straight talking, respectful and we get things done with care and compassion, we value, understand and embrace difference. We have heart.
Although you will have a permanent friendly office to inspire collaborative thinking, and there may be occasions when there is a business need to attend the office, we do offer flexible hybrid working arrangements. We appreciate that we all live busy lives and crave now more than ever a good work / life balance, so together we can discuss what this might look like for you as an individual. After all we know we are all good on our own but together there's no stopping us! 
Location: Working from home during Covid & thereafter flexible / hybrid working arrangements including our Bradford / Leeds offices
If you feel this opportunity is suitable and you match the skills required, then please apply online by uploading your latest CV and completing the application process.