Information Security Analyst (GRC & Cyber)

Full Job Description

Overview:We're seeking an Information Security Analyst to ensure the integrity of our systems and data. Reporting to the Head of Information Security (CISO), you'll implement and maintain security measures and policies to uphold industry standards and compliance requirements.Responsibilities:* Conduct vendor security assessments based on ISO27001, NIST, CIS, and Cyber Essentials.* Proficiency in network penetration testing.* Update and manage risk-related policies.* Maintain information security awareness tools and facilitate reporting.* Coordinate certification programs and ensure compliance.* Strong understanding of firewalls, proxies, SIEM, antivirus, and IDPS.* Create clear business presentations and documentation.* Assist in planning and executing audits.* Experience in GRC, preferably in infrastructure or application support.* Document security breaches and support remediation.* Collaborate on vulnerability assessments and penetration testing.* Maintain company-wide security best practices.* Provide guidance on security best practices.* Stay updated on technology trends and standards.* Ensure compliance with legal and regulatory obligations. Certifications:* Certified Information Systems Auditor (CISA) or ISO/IEC 27001 Lead Auditor.* CISSP certification is advantageous.Skills:* Strong project management skills.* Excellent communication and collaboration abilities.* Business acumen and commercial outlook.* Organizational and time management skills.In accordance with the Employment Agencies and Employment Businesses Regulations 2003, this position is advertised based upon DGH Recruitment Limited having first sought approval of its client to find candidates for this position.DGH Recruitment Limited acts as both an Employment Agency and Employment Business