Senior IT Security & Compliance Analyst: Our Client are currently looking for an experienced Security & Compliance Analyst to join them in their new London HQ. This role reports into the CTO and will be at the heart of leading their security and security compliance monitoring efforts. The ideal candidate will be a technical professional with a passion for security who is looking for hands-on experience across a broad range of information security activities. A background in software engineering and experience working on both cloud-based and on-premise applications is expected.

Senior IT Security & Compliance Analyst – Responsibilities:

• Maintaining an understanding of the company’s security policies, procedures and supporting technologies to effectively identify potential risks and creative alternatives to mitigate risk exposure.
• Assist in analysing and monitor system events for signs of malicious activity or intrusion attempts,
• Assist in conducting analysis of suspected security incidents, or incidents and validate assessment findings
• Maintain an up-to-date knowledge of threats and vulnerabilities and suggest improvements in detection and mitigation strategies
• Defining and leading the execution of security audit in accordance to industry best practice security framework
• Assess the effectiveness of technical company internal security controls
• Identify security weaknesses in new and existing corporate systems
• Work closely with regional and global information security team members

Senior IT Security & Compliance Analyst – Requirements:

• Solid experience in IT security management
• Proven experience of ISO27001, PCI DSS and GDPR compliance
• Good understanding of cloud based security concepts (AWS and/or GCP, Not Azure)
• In-depth understanding & expertise of risk assessment and risk registers
• Expert-level communication skills; experience communicating with technical stakeholders
• Demonstrated ability to gather, analyse, and evaluate facts, and prepare and present concise oral and written security audit reports
• Demonstrated investigation skills with a strong focus on information gathering
• Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP) is an advantage
• Strong documentation skills
• Experience working in a fast-paced environment with dispersed stakeholders