Information Security Analyst

Job Description

To support the IT Service and Infrastructure Director in managing and reporting the Information Security Risks faced by Technology Services (TS) in delivering AJ Bells systems and services. Key to this is maintaining the confidentiality, integrity and availabilityof the data that resides upon those systems.Play a lead role in designing and implementing improvement to the Cybersecurity risk management standards, processes and tooling. Keep cyber risks and key risk indicators up to date ensuring that they can be reported on from a Departmental and Executivelevel.Assist and support the Information Security team to drive continual improvement through innovation, automation and integration of its tools and processes.The key responsibilities of the role are:

• Lead and support Cyber Security ongoing risk assessments across all areas of AJ Bell
• Maintain and develop security dashboard for business and risk reporting
• Build the right data points (qualitative and quantitative) to articulate risk severity levels and impact statements.
• Overseeing vulnerability scanning to confirm the effectiveness of patching
• Assessing and recommending server hardening activities to be completed by the Infrastructure and Service Delivery teams
• Supporting and coordinating audit and due diligence activities within Technology Services
• Be comfortable with cloud technologies (IaaS, PaaS and SaaS) to identify security risks and working with technical teams to implement appropriate controls and procedures.
• Document and regularly maintain Cyber Security documentation, i.e. Policies, Standards, Runbooks, playbooks and standard operating procedures taking into consideration ISO27001 Standards.
• Support and act as a point of escalation for Cyber Security incidents and where needed lead major Cyber Security incidents.
• Assess security emerging and potential security threats against the Mitre security framework
• Monitoring threat intelligence sources to make recommendations on latest security threats and vulnerabilities that affect our technical estate
• Provide training and guidance to business users of the cyber security faced

Technical Skills:

• Strong understanding and knowledge of Information Security risk management tools and techniques
• Experience conducting control assessments and reporting on risks
• Understanding of Cyber Risk and how it applies to agile environments
• Awareness and understanding of the Cyber Risk threat landscape
• Understanding of Information Security solutions e.g. email / web gateways, SIEM, Endpoint protection etc.
• Solid Knowledge of Security Frameworks
• Awareness of Cloud security solutions and standards
• An ability to map and embed process workflows into underpinning tooling and enable automation and continually mature and innovate.

Competence, knowledge and skillsCompetence

• Experience working within recognised Information Security frameworks and best practices such as ISO27001, NIST, Mitre Framework etc.
• Experience in an Information Security role gained in a financial services or e-commerce environment is preferred
• Experience in identifying and utilising external threat intelligence sources.

Knowledge & Skills

• Self-motivated, professional, tenacious and enthusiastic
• Strong ownership of tasks, attention to detail and following through to conclusion
• Ability to challenge approach, strategy and implementation to ensure Information Security is consistently considered and improved
• Ability to work under own initiative to plan and communicate effectively with colleagues and customers
• Structured, self-starting, flexible and enjoy working in fast-paced environments
• Effective communication skills, both written and verbal
• Ability to plan, organise and follow through on assigned tasks and complete with little or no prompting from management
• Ability to learn and develop new skills and take on new challenges
• Excellent attention to detail

About Us:AJ Bell is one of the largest providers of online investment platforms and stockbroker services in the UK, with assets under administration exceeding £65.2 billion and more than 346,700 clients. Our award winning products include Self-Invested Personal Pensions(SIPP), ISAs and Dealing Accounts.Our EQ4 office design is centred on delivering agile and collaborative working spaces that enable us to deliver a first class service to our customers. As well as state-of-the-art work areas, the office also has its own gym, relaxed break-out zones, a roofterrace, a dining area and a lounge which transforms into a bar for staff once a month.There are opportunities for growth and professional development for members wanting to progress within their career including induction training and our study support scheme which is part of our benefits package.At AJ Bell you can expect a friendly working environment with a strong sense of team work, we have a great sense of pride in what we do and this is reflected in our guiding principles.In return for your hard work you will be entitled to:

• 24 days holiday increasing up to 30 days with length of service, plus bank holidays
• Flexile and remote working policy
• Discretionary annual bonus
• Contributory pension scheme
• Paid study support for qualifications
• Enhanced maternity/paternity scheme
• Bike loan
• Season ticket loan portal
• Discounted PMI and Dental
• Free onsite gym and classes
• Holiday buy/sell scheme
• Free social events
• Plus much more