Security Assurance Analyst Job in Southampton

2424 IT & Software Developer jobs in the UK

Company Size

<50

Company Type

Startup

Exp Level

Senior

Job Type

Full-Time

Language

English

Visa sponsorship

Requirements

Must:

We are seeking candidates who possess an IT-related degree or equivalent experience, along with professional certifications such as CISSP or CISM. Essential qualifications include: - Provision of Security Non-Functional Requirements against project designs. - Excellent knowledge of key compliance and control requirements relevant to the tourism and leisure industry, such as SOX, PCI DSS, and GDPR. - Hands-on experience with key security tools and their application within Information Systems. - Experience in application and web application security and management. - Proven experience in implementing information security best practices within a regulated environment. - A solid working knowledge of the National Institute of Standards and Technology Cyber Security Framework. - Skills to manage Penetration Testing processes. - Understanding of IT concepts and architectures, including Cloud, BYOD, and Mobile Device Management. - Familiarity with various delivery methodologies (Waterfall, Agile, or Hybrid). Additionally, desirable knowledge and experience include: - Understanding of HTTP, SSDLC, and security testing. - Broader awareness of Information Security Management Systems and controls, such as ISO27001. - Strong risk management knowledge and experience.

Technologies

Flow

HTTP

Responsibilities

As a Security Assurance Analyst, my responsibilities will include: - Working closely with delivery and operational teams to provide end-to-end engagement across a range of IT-focused projects and products. - Assuring required levels of due diligence, risk assessments, and security design across a portfolio of projects. - Defining security non-functional requirements for new products and services. - Reviewing and providing input on various design documents (HLD, LLD, data flow diagrams, etc.) to ensure that Security non-functional requirements are delivered and implemented prior to product or service launch. - Acting as a technical security Subject Matter Expert (SME) by representing the Information Security team in various project meetings or workshops. - Providing project consultation on various compliance frameworks that currently apply to our business, including NIST, PCI, SOX, and GDPR. - Coordinating between projects, Security Operations, and third-party vendors to ensure that security testing activities are performed and delivered as per the pre-agreed scope. - Ensuring that any vulnerabilities identified are processed in accordance with the Information Security Risk Management process. - Identifying and tracking risk issues across projects and ensuring adherence to the risk management lifecycle. - Advising on the change management process for new products or services and providing input to the Change Approval Board when necessary. - Offering support to security incident management and compliance services when required. - Collaborating with key stakeholders across security and the business to provide risk analysis of vulnerabilities, identify appropriate security controls, and review and approve remediation activities. - Supporting the broader Information Security and Risk team in evolving and embedding key governance artifacts and processes, such as effective risk management and the development of policies and procedures. - Communicating and educating technical and non-technical colleagues about security risks.

Description

We are thrilled to offer a superb opportunity to join one of the world’s largest leisure travel companies, which operates a global fleet of cruise ships carrying millions of guests each year. This position is an initial 6-month contract, compliant with IR35, requiring on-site presence in our Southampton office three days per week. We are committed to fostering a culture of security awareness across our organization and strive to enhance security practices to ensure our customers are engaged and understand the information security requirements relevant to them. Join us in driving the evolution and maturity of security and risk management within our company. Further details will be available upon successful application.

Something wrong or incorrect with this job? Tell us in the chat 💬 on the right ➡️

IT & Software developer jobs in the UKSecurity Engineer jobs in the UKSecurity Engineer jobs Southampton

You can find Cyber Security Engineer salaries in the UK here.

How many Cyber Security Engineer jobs are in the UK?

Currently, there are 2424 Security openings. Check also: IAM jobs, SAML jobs, Cisco jobs, Splunk jobs - all with salary brackets.

Is the UK a good place for Cyber Security Engineers?

The UK is one of the best countries to work as a Cyber Security Engineer. It has a vibrant startup community, growing tech hubs and, most important: lots of interesting jobs for people who work in tech.

Which companies are hiring for Cyber Security Engineer jobs in the UK?

Core-Asset Consulting, ApplianSys, u-blox, Serac Group, Mas & Pas Limited, BAE Systems, HM Land Registry among others, are currently hiring for Security roles in the UK.

The company with most openings is Ascendion as they are hiring for 56 different Cyber Security Engineer jobs in the UK. They are probably quite committed to find good Cyber Security Engineers.