Senior Security Analyst

Description:

Security analysts are responsible for analyzing system and application security and making recommendations that optimize the protection of our computer systems and information resources. Security analysts develop, test, implement and maintain security policies and programs. They are responsible for staying current on security best practices and identifying security procedures to support business objectives and regulatory compliance.

Security analysts are responsible for analyzing system and application security and making recommendations that optimize the protection of our computer systems and information resources. Security analysts develop, test, implement and maintain security policies and programs. They are responsible for staying current on security best practices and identifying security procedures to support business objectives and regulatory compliance.

Responsibilities:

The Information Security Office (ISO) Regulatory Compliance team is seeking a Senior Security Analyst to actively contribute to our organization's compliance efforts. This role calls for someone who can work closely with various business units, conduct thorough assessments, and assist in crafting effective remediation plans.

Key Responsibilities:

As a Security Analyst on the Regulatory Compliance Team, you will:

• Coordinate audits with external assessors (QSA) and internal stakeholders to streamline assessment process

related to collecting evidences

• Support the validation of PCI requirements testing results and drive compliance gap remediation efforts

• Create and maintain documentation to support PCI program

• Lead the planning, execution, and documentation of the UK Cyber Essentials certification process, ensuring full compliance with its requirements

• Serve as the primary point of contact for UK Cyber Essentials related activities, coordinating across teams and external assessors to drive successful certification

• Conduct comprehensive internal compliance assessments, identify compliance gaps, and actively participate in

developing remediation plans.

• Collaborate closely with different business units to ensure alignment with relevant regulations and standards.

• Support automation efforts across the compliance function.

• Regularly review policies and procedures to ensure ongoing compliance with regulatory requirements.

• Effectively manage and prioritize multiple projects related to regulatory compliance.

• Stay vigilant in monitoring and tracking regulatory changes, providing teams with guidance on updating policies and

procedures as needed.

• Be a source of guidance and support for fellow members of the compliance team.

Qualifications:

Required:

• Must be presently authorized to work in the U.S. without a requirement for work authorization sponsorship by our

company for this position now or in the future

• Must be committed to incorporating security into all decisions and daily job responsibilities

• 3+ years with leading, planning and execution of PCI assessments which includes review of control design with a

focus on payment card compliance and security.

• Demonstrate the ability to work both independently with a strong sense of ownership and collaboratively within a

team to achieve departmental and project objectives.

• Ability to maintain a high degree of confidentiality.

• Detail-oriented with strong project management skills, including project planning, directing project activities, and

leading project teams.

• Proficient in documentation, communication skills, and a proven ability to deliver formal and informal presentations

to a diverse audience.

• Ability to organize and prioritize multiple complex assignments and tasks for self and team members, ensuring

deadlines are met.

• Excellent problem-solving and analytical skills, with the ability to define problems, collect data, establish facts, and

draw valid conclusions.

• Demonstrated leadership, collaboration, and relationship management skills, representing goals within the team

and outside the department.

• Ability to be flexible and adaptable to changing requirements and responsibilities while delivering high-quality

results.

• Commitment to incorporating security into all decisions and daily job responsibilities.

• Proficiency with Microsoft Office applications, including Outlook, Word, PowerPoint, and Excel.

Preferred:

• Bachelor's degree in Cyber Security, Computer Science, Computer Information Systems, Management Information Systems, or extensive security-related experience, or an equivalent combination of education and experience.

• Functional knowledge of productivity, documentation, and collaboration tools such as SharePoint, Jira, Confluence, and Jive.

• Experience with UK Cyber Essentials or similar international cybersecurity frameworks, including the ability to interpret requirements and lead certification efforts.