2mesjobs 2M Employment Solutions Ltd
Job Title: IT Security Analyst
Department: PFS IT Security & PCI Team
Location: London / Ireland (Trim)
Reporting Line: Senior Information Security Manager
Main Job Role:To provide IT Security support and advice to PFS Customers and Internal Staff
PFS is an award-winning FinTech Company looking for talented IT Security professionals to work in the existing IT Security team.
The IT Security Analyst is responsible for providing a first calss IT Security service to both our Customers and internal staff alike. This is a highly varied role which will enable the right candidate to be involved with numerous Security services and projects including Operational Security, Information Security, Risk, Governance, Architecture, O365, Awareness Programmes, Compliance, Threat Management, Security Analytics, Application Security, Forensics, Cyber Threat Intelligence, Vendor & Vulnerability Management services.
Duties / Key Responsibilities – Required:
• CISSP Certified or equivalent
• Advanced skills/knowledge in O365 Azure Security Controls, Policies and Alert Management
• Manage on-going PCI DSS certification, vulnerability resolution, evidence compliance
• Responsible for both the internal and external Vulnerability Scanning programme
• Technical lead of Forensic security related incidents/investigations
• Endpoint Security Management (AV / Hardening controls)
• Management of the Cyber Threat Intelligence platform and incident investigations
• Raise, monitor, action Security Incidents, Service & Change Requests via the Jira change application
• Assist with enhanced IT Security Programme, including User Analytics/Machine learning AI, Advanced Remote Access, Mobile Device Management, Endpoint Threat Detection management, MS Exchange advanced threat Protection, O365/Azure Security tools/policies/Alerts
• Ad-hoc report writing, Security Bulletins, Management Information, Security Updates, Security documentation & procedures
• Assist with ISO/27001:2013 certification programme, PCI DSS & Cyber Essentials certifications
• Management of alerts/mitigation actions for Cyber brand protection services
• Minimum 3 years’ experience required
IT Security support for wider team:
• Assist and help co-ordinate both Internal and External audit activities / IT Security Questionnaires and support of Bids/RFI’s/Tenders/Due Diligence.
• Manage the end to end Penetration Testing schedule and risk mitigation
• Update and maintain Application Logical Access Reviews for identified PFS applications in an auditable and timely manner following existing procedures
• On-going support of the IT Security Staff Education/Training Awareness Programme
• Support the development, revision and implementation of IT governance policies, procedures, standards and controls and ensure that these are fully embedded in the activities of all IT teams and associated IT suppliers.
• Develop and establish positive working relationships with both IT and key business users
• Recognise any gaps in the effectiveness of the implemented IT controls and identify and act upon opportunities for enhancements.
• Support activities necessary to successfully undertake any FCA, Banking, ISAE, ISO or ICO reporting and standards reviews.
• Provide strong central oversight to deliver consistency and quality in compliance work across the IT organisation.
IT Security Knowledge/Skills/Experience:
• Has a ‘passion’ for IT Security / Degree Educated / Min 3 years+ in a similar IT Security role
• Extensive experience of PCI DSS certification controls and processes, plus working knowledge of environments where compliance meets ISO27001:2005:2013 / NIST standards / PCI DSS certifications
• Ability to work with staff at all levels, stakeholder management
• Experienced in writing and reviewing IT policies and process documents
• Excellent English grammer, written and verbal communication skills
• Work well under pressure both independently and within a team
• Extensive O365 MS Office / Azure / Security Centre / Policy experience
• Good understanding of network security architecture, protocols and principles
• Security Firewalls reviews/remediation of issues identified and compliance
• Internal/External Vulnerability Scanning Management
• Security Forensic investigations
• Application & Network Security/Architecture
• Deep understanding of Encryption
• Web Application Firewalls
• Security mobile Apps / API’s experience
• MS BI Query experience
Industry recognised qualification/certifications such as:
• CISSP / CISM / CISA / PCI DSS / ITIL / CCISO / CISMP / CIS LA-IISP
Experience with implementing and ongoing IT Security Company Certifications, e.g.
• PCI DSS
• Cyber Essentials / +
• ISMS / Frameworks
If you have the necessary experience and would like to apply for this role please apply now with an up to date copy of your CV outlining your relevant skills and experience, together with your salary requirements for this role, and your notice period/availability.