Information Security Analyst

Birmingham
Permanent
Full-time

1 month ago

The Group Information Security team is an exciting and growing function responsible for defining the strategic direction and standards for information security across the Ampa group. Lead by the Group Information Security Officer, the team has defined and now oversees the delivery of the Group Information Security Framework aligned to industry best practices such as Cyber Essentials plus, ISO27001 and the Centre for Internet Security. As we continue to grow, the next step in the team’s evolution is to enhance our governance, risk and compliance services to continue to protect our group and our clients.The role:We are looking for an Information Security Analyst to join our Information Security Governance, Risk and Compliance Team. Your main responsibilities will be to provide support to the existing team and help build out and maintain key security GRC services aligned to our group strategy. In this role, you will join a team of skilled security professionals and work closely with both internal and external stakeholders. This role will be crucial in enabling the team to take the next steps in its evolution to better protect the group and our clients.What you will be doing:

Assist in the daily maintenance of the Information Security risk management process, ensuring accurate documentation of risks and effective follow-through on treatment actions.
Support the investigation and resolution of security incidents and breaches in accordance with established procedures.
Play an active role in coordinating and preparing for internal assurance activities and external audits.
Assist in compiling and coordinating management information and statistics to support continual assessment and evaluation aligned with key metrics and objectives.
Conduct research for policy creation and assist in the development and preparation of relevant documentation.
Prepare agendas, presentations, and other documents to support information security governance meetings.
Aid in researching, monitoring, and creating elements of group training and engagement programs, including monthly ISO bulletins as part of the Information Security Awareness Program.
Maintain awareness of Business Continuity Processes (BCP), assist with testing, and understand team BCP and Disaster Recovery responsibilities.
Support the supplier risk management processes to ensure ongoing security of the group supply chain.
Assist with client security engagement activities, such as tenders and audits, ensuring that client security requirements and contractual obligations are met.
Provide support to the Information Security Operations Team on technical security initiatives and facilitate cross-skilling opportunities between the GRC and Security Operations Teams.
Stay updated on emerging security threats and trends to ensure effective information risk management and identify potential improvement opportunities.

What you will need:

Experience of working within an information security GRC role or team would be advantageous.
Experience working within the legal or professional services sector and a group organisational structure would be advantageous.
Good organisational skills and the ability to prioritise and manage tasks in a fast-paced environment.
You will hold or may be working towards a relevant security certification.
An understand of the basic principles of information security.
An understanding of compliance frameworks and regulations (e.g., PCI DSS, NIST, ISO27001, CE+, CIS).
Able to effectively communicate and collaborate with cross-functional teams.
Good problem-solving and analytical skills to identify and address security risks and incidents effectively.
Experience in incident response planning, handling security incidents, and conducting post-incident analysis.
Good IT skills and knowledge of Excel, PowerPoint, and experience using multiple applications.

Key competencies you will need:

Excellent interpersonal and communication skills, and a keen eye for detail.
A willingness to learn and a passion to offer a solution focused approach every time.
High degree of drive and self-motivation. A “can do” attitude, able to make things happen.
Always committed to delivering excellent outcomes for clients.
Willingness to be flexible,going above and beyond to meet the changing needs of the business.
Completer/finisher with a strong focus on getting things done.
Be a team player and want to make a difference.

Benefits, Agile Working and Additional informationWe embrace agile working and offer a blended approach to where and how we work.We appreciate that people have different needs and preferences and we’re keen to be flexible, after all, we value what you do, not where you do it.We have the following hubs across the UK: Birmingham, Bristol, Leicester, Lincoln, London, Milton Keynes, Nottingham, Solihull, Stratford upon Avon, Sheffield and in the South; Crawley, East Grinstead, Lewes, Brighton, Eastbourne, Seaford, Peacehaven, Storrington, Chichester & Southampton as well as our Scotland office located in Edinburgh.Additional informationWant to find more about our ?Please be aware, for some vacancies, where we receive high numbers of applications we may need to bring the close date forward.Due to the nature of the work undertaken, confirmation of employment will be subject to a variety of checks which will be carried out once an offer of employment is accepted. Details of the checks can be found .Equal opportunitiesAmpa Group is a committed equal opportunities employer. We seek to attract, develop and retain talented people from a diverse range of backgrounds and cultures. We value and respect individuality and encourage a culture within our business where people can be themselves and be valued for their strengths and experiences. Everyone who either applies to or works for the firm is treated equally, regardless of their gender, age, ethnic origin, nationality, marital status, sexual orientation or religious beliefs.

Ampa Group

Apply Now