Information Security Analyst vacancy

From: Iain A Sutherland <Iain(at)Informationsecuritysolutions.com>
Date: Thu Jul 17 2003 - 17:54:51 EDT

Hi all,

I am currently looking for an Information security analyst

Please send your CV to iain@InformationSecuritySolutions.com

Currently we are only looking for UK/EU citizens to apply.

Job Specification

Information Security Analyst

Company Major Retail Organisation
Location Milton Keynes UK
Salary £32,000
Start Date ASAP
Reports to Information Security Manager
The Role To provide a central 'user provisioning' and data permission service for all platforms to ensure that access is only allowed on an 'authorised ' basis and all security breeches are identified. This will include the monitoring of access controls, related procedures and all other areas of data security for all areas of the group.To provide data security administration advice and implement solutions for all areas so that adequate security is developed within all new and existing hardware and software products used so that the risk to the business is minimised.

Key Tasks 1.To provide a day to day 'user provisioning' and data permission service for a mixed platform, database, security mechanism and application environment and to ensure that risks of erroneous access are minimised. This will include:· Creating new users and granting access· Modifying user access· Deleting users and their access· Regular audits of the user base on all platforms and applications· Maintaining the 'user database'· Second level support for user access problems· Controlling and maintaining the use of powerful user accounts· Define and create regular security management information· Review audit logs daily and follow up and possible breeches in security

                    2.To liase with IT users throughout the business to

ensure that an adequate level of access is available and not exceeded within other areas.

                    3.To provide advice and guidance on the security

controls that need to be implemented within existing systems and systems currently under development. Ensure that system developers are aware of any potential security exposures to the business.

                    4.Maintain procedures for all aspects of data security
administration.
                    5.Assist in the implementation of technical solutions to
ensure that pre-defined access principles are complied with.
                    6.Assist in the evaluation of security products as

required.

Knowledge & Experience 'A' level calibre or with a comparable level of technical expertise.Minimum of 2 years experience of performing a technical IT role, preferably with some involvement in information security user administration. Must have a clear understanding of all key technical and business issues in security management, preferably that encompasses an experience of computer operations or development or have a background in the disciplines of computer audit or computer security.Must have good technical skills and be able to apply them accurately and methodically. Must possess adequate technical ability in the system and application software installed so as to be able to apply it to data security.Must be aware of changing computer technology in hardware and software that may affect computer security and to ensure that we are aware of new initiatives and products.A good working knowledge of RACF, Unix AIX, AS400 and NT. VAX, Oracle, Db2 and SQL also an advantage.A good working knowledge of Internal and External electronic mail systems and the Internet. Electronic Fax and Voicemail systems also an advantage.Should have a general understanding of the BS7799 security standard.
Responsibilities This junior management position is responsible for administering a data security service and providing technical security advice for all areas throughout the business.

Comments This is a very complex role involving a great deal of different computer systems and applications. The knowledge required could only be gained by an experience computer professional of several years who has specialised in data security for at least two years.Accuracy and an attention to detail are of prime importance.Our computer environment requires specialist skills on various hardware platforms and the security software and applications that run on them.The jobholder must be able to link the business requirements with the technical environment and discuss the findings with management, Audit and Security.The jobholder will make recommendations on all issues affecting data security administration. They will communicate findings, both written and verbally, at senior level.An inaccurate assessment can lead to major IT security breaches not being addressed.

I look forward to hearing from you

Regards

Iain Sutherland
Director
Information Security Solutions

Tel: 020 7887 6090
Fax: 020 7887 6100 Received on Thu Jul 17 18:22:04 2003