Job Ref: 214082651

Date: 2021-06-29 13:02:42

Apply Now

The Whistl success story goes from strength to strength, and as we grow, we are creating new opportunities in many areas of our business, including in IT.

Reporting into our Head of Service and Applications the IT Security Analyst will own the IT security function within the business, including management of vulnerability assessments, investigations, auditing of IT Security controls and responding to client IT security enquiries.

On a day-to-day basis you will:

Take ownership of IT security monitoring and governance within the organisation.
Understand security threat intelligence to ensure the company is in strong position to mitigate threats.
Lead the ongoing improvement of the vulnerability management programme.
Manage penetration and vulnerability testing across our Estate & applications.
Lead in the creation and adoption of security policies, standards and processes throughout the business
Define operational security requirements and implement appropriate controls.
Monitor for security incidents and take part in incident response teams to contain, investigate, and prevent future security incidents.
Identify solutions and controls which promote security automation.
Make recommendations as to how we can improve security within our environment.
Engage with and respond to client requests for IT security related information and complete the IT sections of information security supplier due diligence questionnaires.
Provide information security related input to change boards.Keywords: IT Security Analyst | Penetration Testing | Process Management | Information Security | Document Control | ISO 27001 | Risk Assessment | Azure | MS O365 | Infrastructure | Network | Cloud | Communication | Stakeholder Management | Implementation | CISSP | CISM | CISA

Benefits

23 days holiday plus bank holidays and the excellent benefits you'd expect from a market leader.

Additional Information

This role is likely to involve occasional travel between Whistl sites.

Essential Skills

You will already have experience working within an ISO27001 ISMS governed environment, improving IT security controls, performing continuous risk assessments and managing risk treatment plans. You'll also need experience working with Azure & Microsoft 365 and their associated security consoles and an understanding of security technologies and principles in application, infrastructure, network, endpoint security and cloud.

As a result of that experience, you will be able to demonstrate you are able to:

Communicate complex information effectively (verbally and in writing), in order to influence and gain commitment from internal and external stakeholders at a range of levels.
Champion and complete implementation of compliant process and procedural changes across a busy IT team.
Pro-actively identify where systems or procedures may be improved and make realistic/workable solutions or improvements as required (with full communication to the Business for approval).
Produce consistently accurate work with a high level of attention to detail even when working under pressure. A "right first time" mentality.CISSP, CISM, CISA or other equivalent qualifications are advantageous but not essential, but you will need an awareness of NIST framework and knowledge of SIEM Systems.

About Company

Whistl are a delivery management company providing efficient, high-quality and competitively priced services across Business Mail, Fulfilment and Doordrop Media both in the UK and Internationally. Distributing more than 4 billion items annually we are market leaders in Downstream Access Mail (DSA) services handling over 50% of bulk business mail in the UK.

Whistl is a Disability Confident Employer and is committed to equal opportunities for all in all of our employment policies and practices.

Due to the nature of our business, this role will be subject to a basic DBS check

Apply Now