Information Security Compliance Analyst
Keynsham, England, United Kingdom
Based in our UK Head Office – Keynsham, Chocolate Factory
Hybrid Working (2 days in the office) – Dog Friendly Office – Free Parking
We are focused on delivering our purpose of healthy animals and happy owners, and on benefiting every clinic, customer, and patient. Join us and be part of our mission to deliver the highest quality care to millions of animals.
About The Role
We are excited to be looking for an Information Security Compliance Analyst. The information security team is responsible for safeguarding the organisation's digital assets and information.
This role will also involve conducting policy checks, assessing risks on key systems, and collaborating with internal teams and third parties to agree, implement and review security controls. You would also be contributing to incident response efforts.
You’ll be involved in:
Policy Development and Implementation
Risk Management
Third Party Management
Incident Preparation
Compliance Monitoring and Reporting
Continuous Improvement
What you get in return:
At IVC Evidensia we recognise that our people are fundamental to the success of our business. Investing in our people, premises and processes is at the heart of what we do. In addition to a competitive salary, you can enjoy:
5 weeks holiday (increasing with service) plus bank holidays.
Your birthday, as a paid day off each year
Cycle to work scheme.
Discounted staff pet care
Company pension
EAP and supportive well-being programmes
Single Private Healthcare
Family-Friendly policies
Hybrid working
Flexible working
You will work with friendly teams in a modern, open-plan, dog-friendly office environment. There are more benefits – to explore these, please visit: https://ivcevidensia.co.uk/our-culture
Ideally, you will have:
experience in performing IT / Cyber security control reviews.
of 4 years' experience in IT, information security or programme management positions, with a preference for those involving Governance, Risk, and Compliance (GRC) programs.
ranging analyst skills acquired while working on diverse IT and / or business projects.
management experience including requirements analysis, solution proposition, delivery tracking and benefits analysis.
working with Information security frameworks and compliance standards (e.g. ISO27001, Cyber Essentials Plus, NIST, SOC2 and PCI-DSS).
interpersonal skills
have strong planning & time management skills.
Desirable
of a range of technical security controls and their operation.
of / experience of PCI-DSS controls and implementation.
understanding of the Data Protection Act / General Data Protection Regulation.
interest in Information security and technology, and motivated to learn new technologies.
bachelor’s degree in information security or industry-recognised security certifications (e.g. CISSP, CISM, CISA, CRISC, ISO27001 lead implementor, ISO27001 auditor).
Next Steps:
After receiving your CV and being shortlisted, you will be contacted by one of our experienced recruitment team to discuss the role and your experience in more detail.
As a BAME and LGBTQ+ inclusive employer, we are keen to hear from candidates from all minority and diverse groups. As a Disability Confident Employer, we are keen to hear from candidates with disabilities and long-term health conditions and would be happy to discuss any reasonable adjustments needed during the recruitment process.