IT Security Analyst - IT Security Officer

IT Security Analyst - IT Security Officer sought by an exciting and growing business with offices in Oxfordshire. There will be an option to work from home within the working week.

To succeed, you'll need significant IT Security experience together with a strong understanding of IT systems and processes. This is a role where you'll make an important impact, so you'll need deep technical understanding of IT systems and appropriate technical qualifications such as Security+, CEH, CCNA, MCSE. A self-starter and excellent team motivator, you'll have the ability to build effective working relationships at all levels and bring integrity, trust and an innovative mindset to the role

Duties will include:

• Engage with suppliers, review supplier documentation and, if required, prepare risk management documentation and technical risk assessments to support Change Management and Information Security Management processes. Participate in the weekly Change Advisory Board.
• Lead and manage required regular infrastructure and build security audits including IT Health Checks and discrete system penetration testing, etc.
• Manage the remediation action plans relating to recommendations to reduce infrastructure and service vulnerabilities.
• Manage and liaise with partners and 3rd party suppliers, evaluating information security products and services including regular reporting from suppliers SOC functions and technical security controls.
• Establish and direct an ongoing, proactive risk assessment program for all new and existing systems and remain familiar with the business processes so effective controls can be put in place for those areas presenting the greatest information security risk.
• Communicate risks and recommendations to mitigate risks to the IT senior management team, taking account to impact on business processes and cost/benefit terms so decisions can be made to ensure the security of information systems and information
• Maintain contact with security authorities, internal and external, to ensure that security warnings/advisories are appropriately monitored and acted upon to ensure that information remains secure against external and internal threats.