Cyber Security Compliance Analyst

This job has now expired please search on the home page to find live IT Jobs.

We deliver technical consultancy and application delivery to our clients in order to solve real world problems and allow our clients to respond to an ever-changing technical landscape. We partner closely with our clients, embedding our consultants into their businesses in order to provide a bespoke service, allowing us to truly understand our clients' needs.

We operate as a flat organisation and believe in trusting and supporting our team to operate independently. We pride ourselves on being specialists at what we do, making the most of our consultants' expertise in their fields in order to provide a best-in-class service to our clients.

The Cyber Security Compliance analyst will ensure that the organisation's devices, operations and procedures meet government and industry compliance standards. They will research regulations and policies, communicate requirements, and apply for compliance certification on our behalf.

Key Responsibilities:

Laptop/Device Tasks

- Initial Laptop build and security setting configuration

- Installing Security and Management Tools

- Providing security awareness training

- Monitoring dashboards for security alerts and contacting staff to remedy issues

- Providing a 'help desk' IT Security Issues

- Managing a process for annual device checks

- Managing the return/rebuild/redeployment of devices

SaaS/Software Tasks

- Managing requests for access to software/subscriptions

- Ensuring MFA is in use for all accounts

- Responding to security alerts from Cloud Security consoles

- Checking use of licences and revoking/reallocating as appropriate

- Managing permissions in cloud services and revoking excessive ones

- Managing DPIA and business continuity plans for company data in cloud platforms

Network/Office Tasks

- Checking security logs for WiFi/Firewall

- Monitoring use of company network

- Ensuring security updates and patches are applied

Security Events

- Managing initial incident responses

- Identifying and resolving non-compliant devices

Policies and Regulations

- Researching industry compliance regulations

- Evaluating internal operational and procedural compliance

- Analysing and updating existing compliance policies and related documentation

- Creating new policies where required

- Communicating compliance policies and guidelines

- Developing and implementing new compliance policies and procedures as required

Key Skills/Experience

- Industry-related degree or equivalent

- Ability to draft compliance policies, procedures, and related documentation

- Effective research and professional networking skills

- Ability to accurately complete applications for compliance certification

- Ability to effectively train employees

Desirable Skills

- Familiarity with UK Government Information Security Standards

- Experience with Security Tools (Firewalls, MDM, Encryption, Security Policies)

- Experience with OSX and Windows Device security settings

- Knowledge of applying NCSC Guidance

- Knowledge of NIST or ISO27001