Multichannel Information Security Analyst
£50'000 to £65'000, + bonus and benefits package (Hybrid working)
TRM International are pleased to offer this excellent career opportunity, for an Information Security Analyst who is keen to further develop their career, within a global retail company.
This is an excellent opening for a Information Security Analyst who enjoys working in a fast paced and progressive environment.
Reporting into the Technical Services Manager, the role holder will be required to uphold and maintain all security related aspects in relation to the company's eCommerce systems and platforms. The role will involve pro-actively/re-active monitoring, detecting and taking positive action to help avoid or mitigate against security related incidents and protecting the customer experience and data. You will be tasked with recording and analysing incidents and their resolution as a means of continuous improvement. You will be liaising and working with our wider support team across two continents.
You have a high level of technical expertise and clear insights into current business practices.
Work activities can vary day-to-day but typically involve:
Monitoring, recording and responding to all new security incidents raised via our ticketing system, telephone, face to or and email.
Liaising extensively with external or internal stakeholders to see issues through to resolution.
Liaising with stakeholders to ensure effective prioritisation of incidents based on impact and urgency.
Using your time effectively to ensure you are keeping up-to-date with the latest technology and security developments.
Research and evaluate emerging security threats and ways in which to manage or mitigate them.
Research and keep up-to-date with the latest guidance from organisations such as OWASP.
Proactive planning to create runbooks for various scenarios as an 'always-ready' approach.
Test and evaluate our existing suite of security related products and provide decision-making input in relation to any new security product the business wishes to introduce.
Plan and organise 'play days' or 'ethical hacking days' in order to test the current protection levels and identify any weaknesses.
Drawing up, supervising and documenting processes for the benefit of the wider team.
Supporting users on change control and system updates to ensure best-practice is followed.
Providing regular reports for management and other non-technical stakeholders.
Maintain a risk register and assist with internal and external audits relating to security.
Work closely with multiple 3rd-party suppliers to ensure any risks are understood and mitigated against.
Offer advice and guidance to internal stakeholders to ensure best-practice is always followed.
Supporting the team and the business with events that drive significant volumes of traffic to the sites including potentially malicious bot traffic, to ensure system integrity.
Experience and Knowledge:
Educated to degree level in any IT related field such as Computer Science OR relevant work experience in a security/cyber-security role.
Strong will to learn, grow and excel.
A passion for cyber-security and a keen interest in technology.
Excellent oral and written communication skills.
An Information Security background with strong skills in the InfoSec space as well as core Cyber Security skills and proficiencies including a solid understanding of technology and security engineering and architecture principles.
Ability to understand complex web and standalone applications/systems architectures involving multiple technologies.
Build strong relationships with colleagues, key stakeholders & suppliers with the ability to demonstrate a proven track record in effective stakeholder management.
Exposure in managing and driving major security incidents and leading the retrospectives.
Works well under pressure.
Willingness to be flexible, working within a fast-paced and dynamic environment.
Enterprise-wide knowledge of Information Security, Information Governance, Information Security Risk Management and Data Protection within the retail sector.
Previous experience with malicious bot detection and mitigation.
Ability to analyse data and identify patterns and deviations.
Trained to ITIL v3 Foundation Level
Experience of working for a retail e-commerce business.
Experience in leading the investigation of Security Events and Incidents
Knowledge/experience with the following technologies would be advantageous but not necessary:
• Bot detection and mitigation tools.
• Web Application Firewalls.
• eCommerce platforms.
• AWS, Azure and other cloud technologies.
•APM monitoring tools such as New Relic, Grafana and Kibana.
*This role will be a mixture of both office based and remote working.
To work for a Global Fashion Brand
Opportunity to grow, learn, develop & progress
Competitive salary, bonus and benefits package
Apply to Sade Farrow at TRM International today by sending your CV and portfolio. Or call us for a confidential chat to find out more +44 203 3781278