This Job Has Expired! This advert has now been deleted by the advertiser, the details below are for information only.
IS SECURITY ANALYST
Enterprise House, Ashford, Kent
Competitive salary + benefits.
Role Purpose Statement
This is a senior role within the IS Operational Governance team reporting to the Head of IS Operational Governance. The role is to be the primary IS security subject matter expert for all IS projects and BAU environments. The post holder will have previous hands on experience of implementing and maintaining security technologies, with significant experience of security within SAP solutions. The role will be responsible for ensuring that robust security controls are implemented and adhered to in order to effectively manage risk whilst ensuring compliance with regulatory requirements, internal policy and standards. The role holder will have previous experience of the security requirements of Sarbanes Oxley 404, Data Protection/GDPR and PCI-DSS. This role will lead and guide teams as the IS Security ambassador for Brakes, the IS Security Analyst must be fully committed to supporting the core
business objectives of Brakes, whilst obtaining best value for money for the organisation. The role will also act as the interface to the parent company Sysco to ensure that Brakes implements and adheres to defined corporate policies and standards.
Key Accountabilities & Responsibilities
- Work with Sysco to develop, align, implement and manage the IS Security Framework.
- Ensure all projects are aligned to the IS Security Framework, technology road maps and standards.
- Identify, plan and engage with third parties on any security based remediation for Brakes UK systems and processes, in accordance with the change control policy
- Act as the process owner for any investigations involving security; preparing and maintaining associated documentation, and managingremediating actions
- Responsible for the undertaking security risk assessments and third party due diligence as necessary - identifying any issues, risks and mitigations, and escalation to the Head of IS Operational Governance.
- Design of new processes/controls as dictated by policy, audit or compliance, to be implemented by internal teams or third parties.
- Working with parent company, outsourced providers and 3rd party suppliers to lead or review detailed security designs.
- Manage and co-ordinate security tests across the Brakes estate, analyse outputs and implement remediation projects as necessary with third parties to prevent data or financial loss to Brakes
- Develop and maintain Segregation of Duties for systems, predominantly SAP.
- Act as the focal point and Subject Matter Expert for SOX, GDPR and PCI:DSS within the Brakes IS department.
- Provide input into projects as Subject Matter Expert for IS security.
- Develop, maintain and govern standards for security management, interpret security policies.
- Work closely with Group Facilities to advise and ensure physical security controls are in place across the estate to protect Brakes IS assets, eg computer rooms and equipment.
- Work closely with IS Service Teams and Project Managers in all areas of IS Security
- Work closely with 3rd parties to implement cost effective security solutions
- Managing and tracking of audits remediation requirements, and provide required evidence during audits.
Knowledge, Skills, Experience
- IT security professional with a proven hands on operational experience within IS security
- Has a good working knowledge of Security Standards and Frameworks (e.g. 27001, COBIT, SOX 404), including defining and implementing them
- Extensive knowledge of Segregation of Duties for SOX compliance including defining and implementing them in an SAP environment
- Knowledge of Data Protection/GDPR, defining and implementing standards
- Has a detailed practical knowledge of PCI-DSS requirements and implementation
- Has played a significant role in attaining and/or actively maintaining PCI-DSS compliance in a complex multi-site cardholder data environment
- Has had previous experience with PCI DSS and card payment system security and controls, ideally including main back office ERP`s and in a retail environment.
- Working experience in defining controls around O/S, Windows AD, Data and Database security
- Experience of Network, Wireless and Mobile Device Security
- Has good working experience of the SSL Certification Process
- Risk Management experience
- Has good working experience of Email and Internet Security and Filtering Controls
Brakes UK uses a third party to undertake a number of checks. Any offer of employment made by Brakes UK would be conditional upon receiving a satisfactory; reference, identity document(s), basic DBS certificate and basic credit check.
Advertiser: Direct Employer
Reference: 05553
Posted on: 2018-02-02 14:18:37
Send me Alert for jobs in:
Ashford, Kent
Email Address
KHR - Recruitment Specialists
£12.50 - £13.85 per hour + Fantastic benefits
Hays Specialist Recruitment Ltd
£16.0 - £20.0 per annum + £16-18 per hour
This Job Has Expired! This advert has now been deleted by the advertiser, the details below are for information only.
IS SECURITY ANALYST
Enterprise House, Ashford, Kent
Competitive salary + benefits.
Role Purpose Statement
This is a senior role within the IS Operational Governance team reporting to the Head of IS Operational Governance. The role is to be the primary IS security subject matter expert for all IS projects and BAU environments. The post holder will have previous hands on experience of implementing and maintaining security technologies, with significant experience of security within SAP solutions. The role will be responsible for ensuring that robust security controls are implemented and adhered to in order to effectively manage risk whilst ensuring compliance with regulatory requirements, internal policy and standards. The role holder will have previous experience of the security requirements of Sarbanes Oxley 404, Data Protection/GDPR and PCI-DSS. This role will lead and guide teams as the IS Security ambassador for Brakes, the IS Security Analyst must be fully committed to supporting the core
business objectives of Brakes, whilst obtaining best value for money for the organisation. The role will also act as the interface to the parent company Sysco to ensure that Brakes implements and adheres to defined corporate policies and standards.
Key Accountabilities & Responsibilities
- Work with Sysco to develop, align, implement and manage the IS Security Framework.
- Ensure all projects are aligned to the IS Security Framework, technology road maps and standards.
- Identify, plan and engage with third parties on any security based remediation for Brakes UK systems and processes, in accordance with the change control policy
- Act as the process owner for any investigations involving security; preparing and maintaining associated documentation, and managingremediating actions
- Responsible for the undertaking security risk assessments and third party due diligence as necessary - identifying any issues, risks and mitigations, and escalation to the Head of IS Operational Governance.
- Design of new processes/controls as dictated by policy, audit or compliance, to be implemented by internal teams or third parties.
- Working with parent company, outsourced providers and 3rd party suppliers to lead or review detailed security designs.
- Manage and co-ordinate security tests across the Brakes estate, analyse outputs and implement remediation projects as necessary with third parties to prevent data or financial loss to Brakes
- Develop and maintain Segregation of Duties for systems, predominantly SAP.
- Act as the focal point and Subject Matter Expert for SOX, GDPR and PCI:DSS within the Brakes IS department.
- Provide input into projects as Subject Matter Expert for IS security.
- Develop, maintain and govern standards for security management, interpret security policies.
- Work closely with Group Facilities to advise and ensure physical security controls are in place across the estate to protect Brakes IS assets, eg computer rooms and equipment.
- Work closely with IS Service Teams and Project Managers in all areas of IS Security
- Work closely with 3rd parties to implement cost effective security solutions
- Managing and tracking of audits remediation requirements, and provide required evidence during audits.
Knowledge, Skills, Experience
- IT security professional with a proven hands on operational experience within IS security
- Has a good working knowledge of Security Standards and Frameworks (e.g. 27001, COBIT, SOX 404), including defining and implementing them
- Extensive knowledge of Segregation of Duties for SOX compliance including defining and implementing them in an SAP environment
- Knowledge of Data Protection/GDPR, defining and implementing standards
- Has a detailed practical knowledge of PCI-DSS requirements and implementation
- Has played a significant role in attaining and/or actively maintaining PCI-DSS compliance in a complex multi-site cardholder data environment
- Has had previous experience with PCI DSS and card payment system security and controls, ideally including main back office ERP`s and in a retail environment.
- Working experience in defining controls around O/S, Windows AD, Data and Database security
- Experience of Network, Wireless and Mobile Device Security
- Has good working experience of the SSL Certification Process
- Risk Management experience
- Has good working experience of Email and Internet Security and Filtering Controls
Brakes UK uses a third party to undertake a number of checks. Any offer of employment made by Brakes UK would be conditional upon receiving a satisfactory; reference, identity document(s), basic DBS certificate and basic credit check.
Advertiser: Direct Employer
Reference: 05553
Posted on: 2018-02-02 14:18:37
I want to receive the latest job alerts for:
jobs in Ashford, Kent
KHR - Recruitment Specialists
£12.50 - £13.85 per hour + Fantastic benefits
Hays Specialist Recruitment Ltd
£16.0 - £20.0 per annum + £16-18 per hour