Information Security Specialist

Via Resource
From £55,000 to £60,000 per annum Plus bonus and Benefits
13 Oct 2016
21 Oct 2016
Joining an exciting FTSE100 business as part of the Information Security Team, you will be responsible for working with Project teams, including Security Architects, Technical Designers and Product Owners, to ensure that all projects are delivered securely, protecting client and employee data and ensuring compliance with Information Security policies and standards. Using waterfall and agile project methodologies, you will assist the Information Security and Payment Card Industry programmes to deliver secure, worthwhile and industry-leading security projects.

Key Responsibilities

· As the subject matter expert, you hold responsibility for Information Security input to various portfolios of projects.
· Provide end-to-end advice on a wide range of projects, ensuring that security is embedded throughout the lifecycle of the project.
· Attend Project meetings to ensure that Information Security is considered at all stages and give advice as required.
· Review architectural and design documents including Solution Outline Documents, Detailed Designs, Network Diagrams, Data Flow Diagrams etc.
· Provide input on Security Non-Functional Requirements for each project and ensure that they are fulfilled prior to going into service.
· Ensure the relevant technology standards are applied to specific projects.
· Produce resource estimates for Information Security engagement on projects and record your time on the current resource management tool.
· Articulate risk in technical and non-technical terminology so that it can be interpreted by IT and Business individuals alike.
· Carry out PCI impact assessments on projects where appropriate.
· Carry out security risk assessments on projects where appropriate.
· Assess the current technology infrastructure to identify information security and compliance risk areas and recommend controls to address those risks.
· Identify areas of Information Security policies, procedures, standards and guidelines that need to be refined or developed.
· Escalate any issues to the Information Security Project Assurance Lead where appropriate.
· Attend Change Advisory Board meetings and provide security input on proposed changes.
· Advise on new security industry trends.
· Be a Product Champion for a technology or tool that interests you from a security perspective.

Key Skills and Experience

· CISSP or CISM essential; CRISC, CCSP, CEH or equivalent desirable.
· Computer Science degree and/or MSc in Information Security desirable but not essential.
· Working knowledge of different delivery methodologies including Waterfall, Agile and Hybrid.
· Strong risk management knowledge and experience.
· Strong knowledge of the security industry.
· Has a broad knowledge and understanding of IT concepts and architectures including Cloud, BYOD, Mobile Device Management etc.
· Proactively takes responsibility, owns any issues arising and follows through to resolve them, recognising how individual responsibility impacts team delivery, and inspires others to do the same.
· Knowledge of OWASP vulnerabilities, tools and methodologies.
· Knowledge of HTTP, SSDLC and Security Testing.
· Strong and current knowledge of PCI, DPA and ISO27001.
