The Security Assurance Analyst will work on the processes and procedures required to meet the requirements of our Information Security Management System (ISMS), that protects the services and data of our organisation and customers against unauthorised use, disclosure, modification, damage and loss. The role will require analytical and investigative skills to provide referential evidence of our security posture, effectiveness of controls and alignment to industry standards, demonstrating good practice.
* Support client facing commercial engagements in a consultancy capacity in relation to the various aspects of our Information Security posture.
* Process Security Incident workflow; assist in investigation and evidence gathering and report upon Information Security Incidents.
* Process issues backlog; review, assign and monitor to ensure they're progressed appropriately.
* Maintain awareness of emerging security threats, trends and issues; support the process of Threat Modelling and establish play books for incident response.
* Support third-party Security engagements with internal and external customers and partners, ensuring required documents, evidence and other artefacts are produced, relevant and delivered.
* Maintain a schedule of assessments for key functions and services, including third-parties and partners.
* Provide support for security projects and service improvements as required.
* Help to develop policies and controls that encourage secure working and protect data.
* Assist in the creation and ongoing maintenance of customer facing documentation and evolution of the Zellis Assurance Pack.
* Support the Security function in all aspects of Security operations and management reporting.
* Contribute to risk assessments and escalate where appropriate in accordance with relevant procedures and standards.
* Produce and promote security awareness material.
* Practice continuous self-learning to keep up-to-date with industry trends and developments, enhancing your skills and taking responsibility for own professional development.
Skills and Experience Required:
* Recognised qualification in relevant technical discipline, or the equivalent combination of education, professional training or work experience in a similar role.
* Understands current and emerging Security practices and standards, including ISO27001:2013, CSA, Cyber Essentials, and NIST principles.
* Understanding of emerging technologies and general network and infrastructure knowledge.
* Awareness of Zellis' third-parties (customers, suppliers and partners).
* Develops a very good working knowledge of the procedures and tools used within the security practice.
* Develops a good understanding of the standards we align to.
* Has a good understanding of the information criticality of business operations.
* Demonstrates good communication skills, with a confident style.
* Can articulate in spoken and written English to a high standard.
* Carries out duties meticulously and thoroughly.
* Is always client centric, appreciating the expectations of our customers.
With over 50 years' experience and almost 2,000 employees we serve over 5 million of our customers' employees and process in excess of 60 million payslips a year.
As a business we offer real-time recruitment, onboarding, talent and performance management services to over 600 customers via our powerful and integrated ResourceLink software.
We're trusted by leading businesses throughout the UK and Ireland to help them with their most important resource - their people. We master what we do with a third of the FTSE 100, two thirds of the top 10 retailers and a third of all UK councils as our customers