Home based role Help strengthen our team as our Level 2 SOC / Security Analyst - Compliance, Assurance & Continual Improvement . Home based role.
A great opportunity to join our operational security team to support our initial and ongoing assessment of Operational Security controls against Cyber Security best practice, Organizational Policies, and recognized Security Frameworks, working with relevant stakeholders to identify areas for improvement, and support development, enhancement and implementation of robust security controls.
In addition, this role will identify areas of improvement within the Operational Security function, proactively identifying opportunities to enhance and optimize internal processes, ensuring that they are both efficient and effective.
This role is crucial in ensuring that even the most sophisticated cyber security controls are robustly implemented and enhanced.
What You'll Be Doing:
Verification and Compliance:
- Verify that systems and processes meet specified security requirements.
- Assess the correctness of cyber security risk assessments and risk management plans.
Auditing and Assurance:
- Conduct cyber security audits to find suboptimal testing, monitoring, and management of security controls.
- Present clear audit findings to technical staff and management.
Risk Management and Education:
- Assess threats and vulnerabilities, focusing on risk management.
- Identify points of potential weakness and effective areas for investigation.
- Play a role in delivering training to embed security practices.
Relationship Management:
- Meet with teams to identify potential risks, issues or concerns.
- Collaborate with various teams to ensure identified security improvements are progressed.
Continuous Improvement:
- Continuously evaluate People, Processes and Technological controls to identify area for improvement.
- Develop efficient and effective solutions with stakeholders.
What we're looking for:
- Proven experience in SOC, cyber security, compliance, and continual improvement.
- Exposure to various industries and regulatory environments is beneficial.
- Ability to perform security audits, including technical assessments and compliance checks.
- Collaborate with cross-functional teams (IT, legal, compliance) to achieve security goals
- Excellent interpersonal skills with ability to explain technical problems to non-technical stakeholders at all levels.
- Strong written and oral communication skills
- Active SC Clearance, or ability to obtain SC clearance
Experience of following Cyber Security Frameworks:
- NIST Cybersecurity Framework (CSF): Understand the five core functions of Identify, Protect, Detect, Respond, and Recover. Familiar with the framework's guidelines for managing and reducing cyber risks, in particular NIST 800.53.
- ISO/IEC 27001: Comprehend the international standard for information security management systems (ISMS). Knowledge about risk assessment, controls, and continuous improvement.
- CIS Controls: Be aware of the Centre for Internet Security's critical security controls. These provide a prioritized approach to enhance cyber security posture.
- COBIT (Control Objectives for Information and Related Technologies): Understand the framework for governance and management of enterprise IT.
Preferred Qualification:
- SANS Certification
- CISSP, CISA, or CRISC
About Capita Technology and Software Solutions (TSS) and CISO
Capita Technology and Software Solutions (TSS) is a newly formed global shared service, responsible for delivering innovation and digital transformation for Capita's businesses and clients. We work collaboratively with Capita's divisions to shape the right digital technology solutions to help clients work differently, engage differently, sell differently and to be resilient to whatever next comes their way.
Within Policy, Governance and CISO our key capabilities are to define, implement and maintain pan-Capita Cyber, Information Security and IT Policies. Defining and implementing security strategy and providing appropriate governance, assurance, asset management, risk management, privacy and health safety, to maintain compliance requirements for TSS and the wider group.
What's in it for you?
- Opportunity to progress your career.
- 23 days' holiday (rising to 27 days with length of service) with the opportunity to buy extra leave.
- The opportunity to take a paid day out of the office, volunteering for our charity partners or a cause of your choice.
- Access to our Employee Network Groups, which represent every strand of diversity and allow colleagues to connect and learn from each other on an open, inclusive platform.
- Company matched pension, a cycle2work scheme, 15 weeks' fully paid maternity, adoption and shared parental leave and plenty more.
You'll get the chance to follow your chosen career path anywhere in Capita. You'll be joining a network of experienced, innovative and dedicated individuals across multiple disciplines and sectors. There are countless opportunities to learn new skills and develop in your career, and we'll provide the support you need to do just that.
What we hope you'll do next:
Choose 'Apply now' to fill out our short application, so that we can find out more about you.
To view our Covid-19 and process adjustments information, please visit the Capita Careers site.
We're an equal opportunity employer, which means we'll consider all suitably qualified applicants regardless of gender identity or expression, ethnic origin, nationality, religion or beliefs, age, sexual orientation, disability status or any other protected characteristic.