Information Security Analyst
Posted on January 15, 2019 by Save the Children
TITLE: Information Security Analyst
This role works alongside three regionally based Information Security Analysts, one Data Protection Analyst and the Data Protection Officer
SCOPE OF ROLE:
Reports to: Head of Global Information Security (London)
Staff directly reporting to this post: None
Dimensions: This role works alongside 3 regionally based Information Security Analysts and a Data Protection Analyst. Save the Children International has a staff compliment of around 18,000, based in London and c55 country offices. Save the Children is a federated organisation, with 27 Member organisations.
KEY AREAS OF ACCOUNTABILITY:
- Support development, implementation and maintenance of information security policies, standards and processes to prevent, detect, analyse, and respond to information security incidents.
- Lead and contribute to the development and maintenance of the BCP/DR management program for IT systems including: development of tools and instructional guides for both business and IT teams.
- Support risk based implementation of security controls for protection of information systems, networks and applications.
- Support BAU IT security operations including Security Incident & Event Management (SIEM) processes, threat and incident management to mitigate risks.
- Support delivery of information security online training and other awareness campaigns from time to time as needed.
- Proactively research and develop technical solutions/security tools to help mitigate security vulnerabilities and automate repeatable tasks.
- Collaborate with IT Shared Services and IT Architecture & Innovation teams to ensure systems, applications and networks are secure by design.
- Assist internal and external stakeholders including auditors, when required, with information security questionnaires, audits, reviews, investigations, etc.
- Degree or diploma in information security or cyber security management / equivalent
- Experience working on ISO27001, NIST CSF or similar standards/frameworks.
EXPERIENCE & SKILLS
- Minimum of 2 years’ experience in an Information Security role.
- Familiarity with SANS Top 20 and OWASP critical controls requirements.
- Experience of addressing a wide range of IT security challenges in complex IT environment.
- Experience in development and maintenance BCP/DR management plan for IT systems and infrastructure.
- Proven experience of working within a distributed IT infrastructure, networking and application environment.
- The capacity to build and maintain excellent relations and to work effectively in a multicultural and multi-ethnic environment respecting diversity.
- Excellent problem solving skills and a proactive, solutions orientated approach
- Strong personal, organisational and self-management skills.
- Strong communication skills in English and Spanish.
- Ability to understand organizational mission, values, and goals and consistent application of this knowledge.
- Commitment to SCI values.
- Demonstrable work experience driving information security and/or data protection compliance within a not for profit organization would be a plus.
- Experience on Microsoft technologies – Windows Server and Workstation OS (Server 2012/16, Windows 10 etc), Active Directory, SSO, IDAM and Office 365.
- Exposure to ‘field operations’ and the IT Security-related issues associated with working in remote, inhospitable and insecure environments.
- Understanding of/willingness to learn key trends in international and humanitarian development, and utilising technology to support these developments.
Please apply on this link: https://stcuk.taleo.net/careersection/ex/jobdetail.ftl?job=1900002Q&tz=GMT-05%3A00