Application Security Analyst - Salary – up to £50,000 + bens - Hemel Hempstead
As we grow in size, we realise we need to adapt, and as a result the Information Security team is growing too.
In this role, reporting to the Head of Information Security Officer, you will be working closely with the IT and the Business to ensure that we are continually meeting and delivering against our Information Security program.
- Assessing technical network security requirements in internal departments against the Information Security Framework, to ensure standards are met;
- Taking part in creating and updating application quality and security frameworks and tools to support processes and procedures for maintaining application integrity and security;
- Work closely with the Network Service teams and business teams to provide network security input, expertise and process recommendations throughout the development lifecycle;
- Work with the third parties in penetration and vulnerability assessments and assurance, and implementing their recommendations within the business and service delivery teams;
- Involvement with our IT Projects in determining InfoSec Weaknesses, Assessments and remediation activities in order to prevent Projects weak in InfoSec hitting Production Environment;
- Provide effective reporting to the Information Security Officer of trends, monitoring activities and application risks;
- Develop forensic tools and capabilities for Windows and Linux environments;
You will possess:
- Proven previous experience in a similar role
- Ability to effectively communicate network security risks and impacts to various IT and business stakeholders
- Knowledge of current IT Security standards regulations such as PCI-DSS, DPA and ISO27001
- Good technical knowledge of networks, hardware and infrastructure including Windows, Linux, Firewalls, Load Balancers, Routers, IDS/IPS, Data Leak Protection, endpoint protection and network monitoring tools.
- Good technical knowledge of penetration testing and ethical hacking activities for internal and external facing applications.
- Good understanding of newly emerging IT technologies and architectures in a corporate environment
- Understanding of Forensic methodologies and toolset available to analyse hardware events.
- Projects, applications and programs are delivered securely and are compliant with the relevant standards and regulations.
- Operational penetration and vulnerability tests and findings are managed and resolved in a timely manner.
- Network security service providers recommendations are implemented and residual risks managed.
- Customer and Colleague feedback.
- Continuous professional development.
- Fulfilling personal objectives.
The benefits of working with us:
- Competitive annual salary and bonus scheme
- 22 days holiday entitlement rising to 25 days after 2 years service
- Salary sacrifice pension scheme
- Reward and recognition schemes including long service and team member of the month
- Opportunity for professionally recognised qualifications to develop and progress