Reference Number: JO-2108-474899
Information Security Analyst
Job Type: Permanent
Location: Central London / West End
Information Security Analyst
Contract, Up to 6 months
Pay day: up to 700 a day
Location: Fully remote
Start Date: ASAP
Key skills: Vendor Security Vendor Due Diligence
CPL are working with a global Pharmaceuticals to recruit for a contract Information Security Analyst.
To support and maintain EMEAs information security management system including the delivery of information security controls; information security supplier assessments; information security incident management; information security awareness training and the maintenance of information security policies, standards and procedures, in accordance with ISO 27001 and other information security frameworks and legislation.
The role sits within the scope of the organisations ISO 27001 certified information security management system.
Perform comprehensive third-party supplier information security due diligence assessments in a timely manner, report on results and recommend remediation actions
Perform information security risk assessments and risk management activities
Manage and support information security events and incidents through to resolution
Manage the information security awareness training program, to ensure all employees develop and maintain an awareness about and comply will all applicable Information security policies, procedures, laws and regulations
Support corporate compliance with the General Data Protection Regulation (GDPR) from an information security perspective
Support the information security / IT audit processes for ISO 27001 and other compliance requirements
Support the creation, implementation and maintenance of IT/information security standards, policies, processes and procedures in accordance with the IT/information security control frameworks such as ISO 27001
Monitor, analyse and reporting on information security-based management metrics, in many cases using information security technologies such as DLP and SIEM
Maintain awareness of new and changed security threats through review of specialist sites such as NCSC, CERT, etc
Provide information security consultation, advice and guidance for EMEA business activities and projects
Collaborate with global and regional compliance and information security teams on information security and data privacy initiatives and events as required.
Any other IT/information security tasks as requested by Manager or Director
Good knowledge of a broad range of IT technology platforms, products, services.
Experience in an IT security / governance, risk and compliance-based role / information Security Management
Knowledge & experience of developing and performing information security due diligence assessments of third-party organisations
Knowledge & experience of conducting risk assessments/business impact assessments
Practical experience of developing and executing remediation plans to address vulnerabilities/security risks and to achieve compliance with information security standards/IT control frameworks such as ISO 27001
Demonstrated experience of audits to achieve compliance with information security standards
Demonstrated experience in implementing and managing effective ISMS controls
Demonstrated experience of working with external service providers within an information security role.
Business/customer facing experience
Proven track record of working both in a team and independently
If you are interested please apply or send your CV to email@example.com