Our Client a Global tech firm is seeking a Senior Information Security Analyst to join their team remotely on a contract basis. They offer stability, growth and an excellent working environment.
Our client requires an Information Security Analyst to implement a secure by design application strategy.
- To assist the Information Security advisory team in reviewing, defining and assisting the business to create and implementing a “secure by design” application strategy and to act as a trusted advisor to the business for securing its operations.
- The role will work closely with the business units, IT Governance team, IT Infrastructure and Information Security Technology teams to ensure that IT systems, technology, platforms and applications are designed and implemented in a secure best practice fashion and aligned to internal standards and best practices.
- You will require:
- Information Security Certifications preferable
- Certifications or recognition of prior learning in multiple elements of the technology landscape (e.g. IT Engineering, Networks, Development, Desktop, Communications, etc.) Additional Information Security Certifications preferable
- 5 plus years’ experience within the IT landscape of which at least 1 year has been in the Information Security space explicitly. 2-3 years in an advisory or consulting role will be advantageous.
Information Security Advisory
- Proactively engage and consult with the business to ensure that Information Security is a strategic partner to the business and enabler of secure technology solutions.
- Position the role as being the interface between business, technology and Information Security. Be seen as the face of Information Security to the business.
- Act as a trusted advisor during engagement with the stakeholders in business, demand management and suppliers / vendors to ensure that any proposed technology solution is designed with a secure-by-design philosophy. Information Security Demand Management
- Assist the Information Security Advisory team in gathering input from the demand management process for new technology requirements or technology modifications from the business.
- Act as a trusted advisor during engagement with the stakeholders in business, demand management and suppliers / vendors to ensure that any proposed technology solution is designed with a secure-by-design philosophy.
- Ensure that all the required mechanisms are factored in to any proposed technology solution so that the solution is aligned to the security architecture, approved application landscape, policies, standards and guidelines and best practices. Information Security Technology Risk analysis (APM and SSP)
- Assist the business in performing the required tasks, evidence and documentation to have any new or modified application created as a record on the Walmart Application Portfolio Management (APM) platform.
- Assist the business in evaluating, compiling and producing the necessary evidence artefacts and documentation required to create and obtain application deployment approval on the Walmart Security Solutions Program (SSP) platform.
- Engage with the requisite stakeholders at technology idealization or concept stage to ensure that information security risks are identified, quantified and either eradicated or mitigated successfully in the end solution design.
- Own the APM / SSP process for directly led new / modified technology and engage with required stakeholders in Demand Management, Legal, Data Governance, Data Privacy, Group Compliance, IT Governance, IT Architecture, IT Infrastructure and IT Service Management as and when the SSP or APM processes require it.
- Work closely with the “Senior Information Security Analyst” and “Information Security Advisory Lead & Advisor Enterprise” to advise the business on security practices to assist in ensuring that solutions don’t pose unmanaged risk to the business, including advising the business of alternatives means and mechanisms to achieve the desired business outcomes.
- Assist in continually evolving and improving the process for APM and SSP to streamline the process of onboarding new secure technologies into the business.
- Keep up to date with company policies and procedures, current developments in technology and security professions, including changes in legislative, regulatory and best practice frameworks.
- Keep up to date with the latest threat and attack vectors and mechanisms for overcoming them.
- Research and proactively suggest remedies for improving IT controls by engaging with and obtaining cyber intelligence from external and internal sources and sharing learnings with colleagues.
- Engage with peers in the Information Security team to advise on latest threats, new technology deployments, progress on APM and SSP submissions and requirements for assistance from other team members.
- Manage security advisory relationships, including facilitating meetings with business and supplier stakeholders; advising on proposed solutions; security postures; architecture; remedial actions; and generally acting as a trusted advisor to the benefit of all stakeholders.
- Liaison with relevant stakeholders internally within the group and with technology vendors / suppliers