Analyst(Data/ Business/ Application)

Senior IT Security Analyst

The Senior IT Security Analyst will join the existing IT team who are responsible for delivering and maintaining the confidentiality, integrity and high availability of our technology and business systems.

 

The role reports directly to the Head of IT.

 

As a highly driven security professional, you will help us manage information security risks, continually review our security profile, recommend and implement technical solutions to ensure our data and information is appropriately secured. In addition, you will be able to provide security support to our project teams and have an understanding of Cyber Security in the context of a digitisation and innovation agenda.

 

The successful candidate will also research emerging threats, vulnerabilities, and security leading practices/standards to maintain and improve the security posture of Grant Thornton’s environment.

KEY RESPONSIBILITIES:

  • Enhance our information security management framework (i.e. ISO 27001)
  • In conjugation with our risk and compliance function, develop, implement and monitor a strategic, enterprise information security and IT risk management program
  • Work directly with the business units to facilitate information security risk assessment and risk management processes
  • Understand and interact with operational functions and business units through committees to ensure the consistent application of policies and standards across all technology projects, systems and services
  • Assist with the overall business technology planning, providing a current knowledge and future vision of technology and systems
  • Provide advice and guidance on IT Infrastructure from a security perspective including endpoints, switches, routers, and servers
  • Ensure monitoring and reporting of user compliance with information security policies, standards, procedures and processes.
  • Monitoring of security, events logs and reports for anomalies and problems
  • Participate in evaluation of the security of new IT products and services.
  • Ensure our client’s IT Security queries are appropriately addressed
  • Ensure Grant Thornton’s vendors are assessed against IT Security leading practices and compliance.

QUALIFICATIONS & EXPERIENCE:

  • Degree in business or a technology-related field required.
  • Professional security management certification
  • Minimum of 6 years of experience in a combination of risk management, information security and IT jobs
  • Knowledge of common information security management frameworks, such as ISO/IEC 27001, and NIST.
  • Experience in Incident Response Management
  • Excellent written and verbal communication skills and high level of personal integrity
  • Experience with contract and vendor negotiations and management including managed services.
  • Solid knowledge and understanding of network technologies and protocols and security of same (VPN, WAN, LAN, DMZ, TLS, SSL)
  • Experience with IT security technologies and Methods including OS hardening (windows and others), Endpoint Protection Software, Data Leakage Protection (DLP), Endpoint and Media encryption, Web Content filters, Intrusion Prevention/Detection Systems (IPS/IDS), Mobile technologies and Network Access Control technologies.
  • Experience with Patch Management and software deployment systems (SCCM)
  • Experience with Vulnerability scanning systems (Nexpose etc) and security remediation planning.
  • Experience of developing and implementing information security policies and procedures
  • Is an effective team player with a ‘can-do’ attitude who can provide excellent support with good communication skills