Current vacancies

Current Vacancies

ROLE PROFILE

Role title

Security & Compliance Analyst

Bonus  

 

Department/Team

Service and Operations

Location

Canary Wharf, London

Salary range

Excellent

Team Size

n/a

Reporting Line

Security & Compliance Manager

 

 

 

Main Purpose of the Role

The role is responsible for defining, implementing and communicating Information Security Compliance Requirements across all countries within which Truphone have a presence.

 

Key Responsibilities

  • Development and maintenance of global policies and standards which support Truphone’s development and operational activities, including the assurance and governance of policies and standards in support of ISO27001.
  • Ensuring that all policies and procedures are well documented and implemented, performing periodic internal reviews and identifying compliance problems that call for formal attention.
  • Development of risk management strategies to detect non-compliance with security policies, and track and manage exceptions to security policy.
  • Continual improvement of the Information Security Management System to assure compliance with ISO27001 certification.
  • Provision of  support to  Corporate Sales when bidding for new accounts and help to manage the relationships with suppliers/ partners to ensure levels of Security & Continuity capabilities are commensurate.
  • Pro-active identification of weak security controls by way of conducting security reviews, and provision of recommendations for improvement to the relevant teams.
  • Maintenance and improvement of the security awareness campaign across Truphone.
  • Support for security incident response activities.
  • Support for the formalisation of regular vulnerability assessments and risk-driven patch management.
  • Support for security initiatives in line with the security roadmap.

 

Skills and Experience Required

  • Around 2 or 3 years’ experience writing information security policies and technical documents.
  • Solid knowledge of ISO27001.
  • Experience of compliance with the Data Protection Act (DPA).
  • A good all-round knowledge of IT systems, platforms, networking and security technologies.
  • Experience of working in a customer facing environment to ensure customer security requirments are met.
  • Excellent communication, reporting and interpersonal skills.
  • Ability to work proactively with business stakeholders to implement corrective actions to security gaps.
  • Any understanding of what GDPR will require would be useful.
  • Information security management qualifications such as CISSP or CISM – preferred, not essential.

 

 

NO agencies please. We work very closely with only agreed suppliers and will not accept any CVs from any 3rd parties.

 



> Click here to apply for this job