Senior Information Security Analyst
Security
Senior Information Security Analyst
Warszawa
Type of work
Undetermined
Experience
Mid
Employment Type
Permanent
Operating mode
Office
Tech stack
Security
DevOps
English
Cloud
Job description
Online interview
ABOUT US:
We are a technology center creating internal products as part of the Hargreaves Lansdown Group, the UK financial and investment giant. Our aim is to provide secure software that will help people manage their syavings and investments easy and with confidence. Initially, the teamy consisted of 15 people, today we have 80 best-in-class IT experts. Thanks to their passion, commitment and expertise, we are able to implement truly innovative solutions using cutting-edge technologies. The Senior Information Security Analyst is a specialist role with the primary focus being Information Security Governance, Risk & Compliance. They deputise for the Cyber Risk manager and are jointly accountable in ensuring Hargreaves Lansdown's Information Security Management System remains effective in protecting HL critical information assets within risk appetite. This requires a mixture of technical, and non-technical information security risk experience.
We are a technology center creating internal products as part of the Hargreaves Lansdown Group, the UK financial and investment giant. Our aim is to provide secure software that will help people manage their syavings and investments easy and with confidence. Initially, the teamy consisted of 15 people, today we have 80 best-in-class IT experts. Thanks to their passion, commitment and expertise, we are able to implement truly innovative solutions using cutting-edge technologies. The Senior Information Security Analyst is a specialist role with the primary focus being Information Security Governance, Risk & Compliance. They deputise for the Cyber Risk manager and are jointly accountable in ensuring Hargreaves Lansdown's Information Security Management System remains effective in protecting HL critical information assets within risk appetite. This requires a mixture of technical, and non-technical information security risk experience.
REQUIREMENTS:
- Minimum 4 to 5 years experience in an Information Security or related role. Ideally some of this will have been gained in a regulated environment.
- Exposure to Information Security in a DevSecOps cloud context
- Must be certified to a recognised security standard, such as CISSP, CISM, CCSP (or equivalent)
- Have practical work based experience across the areas of security policy, culture, forensics, incident response and risk management.
- Good exposure to security standards such as a ISO27001, NIST CSF or PCI-DSS
- Be able to evaluate the adequacy of security controls, and how they are applied in a business context.
- Experience of carrying out security reviews against recognised security control frameworks such as NIST CSF
- Advanced English (B2/C1)
DESIRABLE:
- Experience operating in a Cloud compliant environment will be advantageous
KEY RESPONSIBILITIES:
- Deputise for the Cyber Risk manager in ensuring HL's Information Security Management System remains effective in protecting HL critical information assets within risk appetite
- Approve within delegated limits risk assessments and 3rd party due diligence assessments that have been carried out by analysts and apprentices
- Direct the work of analysts and apprentices, and provide guidance where needed.
- Own the delivery of the cyber security awareness and training program
- Accountable for the compliance and third party security audits and reviews against best practice security control frameworks
- Carry out horizon scanning through research of security related topics and report back to the wider cyber risk team
- Be responsible for the ongoing policy maintenance of the ISMS
WORKING FOR US YOU WILL EXPERIENCE
Benefits
- Conference budget
- Training budget
- Private Pension Scheme (4% employer contribution without any additional cost nor employee contributions required)
- Annual bonus depending on performance
- English lessons with native speakers
- Private health care
- Life insurance
- Sports card
- Comfortable work environment in modern office
- Well communicated location: close to Rondo Daszyńskiego
- Bike parking
- Gym
- Play room
- Shower
- Many opportunities to gain and share knowledge and ideas
- Agile / SCRUM methodology
- Opportunity to grow according to your level of expertise
- Working with new technologies and a multi-diverse team
- Many opportunities to share knowledge and ideas
- In-house Trainings
- Supporting team
- Best welcome for new employees
- Buddy program
- Team Events
Check similar offers
