Information Security Analyst

Description:

About the role

At Tarmac, ‘who you are’ matters. We want to get to know you. If you share our values and are proud of a job well done, collaborative in working well with others and ambitious to make things better, then have a read of what we have on offer.    

We are currently looking for an ambitious and enthusiastic Information Security Analyst to join our IT team based in Solihull, West Midlands. Flexible/Hybrid working available. 

The role is responsible for the cost-effective protection of corporate Information assets. It defines the approach, develops the framework and implements & monitors our Information Risk and Security Strategy. 

It also provides assurance to IT and Business projects and will help develop a culture of security awareness and practice. 

This role works closely with all areas of IT, to ensure that an effective approach to Risk Management is adopted and works in both a detective and preventative capacity in risk identification and treatment. 

In addition, it owns relevant SOx controls, including managing the relationship with internal and external information security auditors and acts as a deputy for the Communications & Information Security Manager when required.

Main ResponsibilitiesMain responsibilities In this role you'll:
Provide security guidance in all stages of IT project and change delivery and develop a reputation for operational excellence
Develop a culture of security awareness and practice throughout the organisation, delivering regular communications and refresher training to staff 
Take the lead on all matters relating to Cyber Essentials and other government and national accreditations.
Assess IT security risks and ensure that proportionate and cost-effective measures are in place to protect corporate assets and reputation. 
Manage regular major incident rehearsals
Provide managerial and technical guidance for all relevant security requirements in complex IT environments
Build, configure, test, and maintain security policies and procedures/processes
Report on security performance to managers and executives
Own IT security incident identification, tracking, and reporting
Establish an effective application level security framework
Be responsible for responding to system audits including all regulatory, compliance, and internal audit requirements
Monitor security policy compliance among employees, contractors, and 3rd parties
Perform security assessments, as well as tool evaluations
Work with IT management to determine acceptable levels of risk for IT, aligned to the overall enterprise risk appetiteThe Ideal CandidateExperience & qualifications

To be successful in this role you'll need:

To be degree level educated or able to demonstrate the appropriate experience within an equivalent role
Relevant security qualification eg: CISSP/CRISC/CISM/CISA etc:
To be ISO27001 certified and ITIL certified/trained and GDPR aware 
To be passionate about IT Security - keeps up-to-date with industry trends
To be an effective communicator to both technical and non-technical audiences
To support innovative thinking
To be adept at defining & building system solutions from business requirements
Experience in creative systems design and its rigorous implementation
Developed problem analysis and solving skills
To possess a risk-responsible mindsetWhy UsWe offer an extensive range of career development opportunities and industry-leading rewards, incentives and benefits: 

Bonus scheme
Enhanced holiday entitlement
Contributory pension scheme 
Access to the Tarmac Reward website with discounts on retailers, holidays, etc. 
Access to our Employee Assistance helpline for free and confidential advice 
Access to join our Employee Communities inc. LGBTQ+; Working Parents 
Training and development opportunities Interested? Why not click here to find out more?  Go on… are you ready to build your future?