Senior Information Security Analyst

  • Freelance
  • Glasgow
  • Location: Glasgow
  • Salary: Day Rate only/no additional benefits

Harvey Nash

Since 1988, we’ve supported many of the world's top organisations to recruit, source and manage the highly-skilled talent they need to succeed in an increasingly competitive world. Proud to be different, our reputation has been built on our fair, open and flexible approach to doing business.

Our Financial Services client is looking for a Senior Security Analyst to work as part of the Governance & Reporting Team within Information Security. Your role will be to identify and protect the confidentiality, integrity and availability customers, employees and corporate information.

Role duties will include:

  • Conducting desktop and on-site third party security reviews
  • Responsibility for identifying areas of risk and ensuring that existing risks are being addressed, risk action plans updated and appropriate reports produced as required
  • Develop a set of Information Security focused questions for any initial RFI / RFP process where appropriate
  • Provide an information security opinion on each proposal, ensuring the key risks are identified and articulated to the project
  • Conducting Security Review on 3rd party Suppliers
  • Prepare the security element of the contract, and work with Legal Services in tailoring the contract as required to address any findings / risks identified during the IS Review
  • Provide advice and Guidance to Legal/Procurement on the content of the security provisions when the contract is written and produced by the supplier
  • Manage a number of varied stakeholders involved in on-boarding a new suppliers to the Bank e.g. Procurement, Legal and Project Managers
  • Responding to ad-hoc request for subject matter expertise to support business activity

To be considered for this role, you must have the following:

  • Experience in a Security setting – specifically reviewing policy documents, process and guidance documents
  • Exposure and usage of information security related policy, standards and methodologies in relation to 3rd party security reviews and assurance testing
  • Proven capability and experience of managing technical information security issues and risks
  • Advanced skills in the articulation of risks in Business terminology.
  • Any Financial Services experience would be an advantage