Information Security Analyst
London, England, United Kingdom - Remote
Applications have closed
OPEN Health
We are a medical affairs partner providing HEOR, market access, medical communication and omni campaign consulting services.You will love this role if you:
- Understands the need to collaborate with other teams/departments
- Being able to contribute at many levels to improving the role and the team objectives
- Love working with Metrics
- Can make the technology do amazing things
As part of the OPEN Health Information Security team, you’ll be responsible for the following activities:
- Work in partnership with Legal and GRC teams to define and implement data protection standards that will support the implementation of the required privacy protocols and standards across the organisation
- Consult and offer advisory services to OPEN Health itself but on occasions – to clients and suppliers
- Work to protect the security of the OPEN Health organisation
- Help the Head of Operations with Information Security specific items when necessary
- Work with external DPO and Information Security partners to ensure the OPEN Health technology environment is as secure as possible for our client and practice data, as well as using these sources to constantly evolve our process & procedures
- Work with colleagues to ensure that all Information Security requirements including ISO 27001 compliance and implementing a fully functioning Information Security Management System (ISMS)
- Help establish and maintain Information Security Policies
- Keep up to date with the latest security and technology developments
- Research/evaluate emerging cyber security threats and ways to manage them
- Help plan for disaster recovery and create contingency plans in the event of any security breaches
- Alongside the CSoC, monitor for attacks, intrusions and unusual, unauthorised or illegal activity
- Research security enhancements and make recommendations to management,
- test and evaluate security products
- Develop systems and processes for security best practices throughout the company
- Design new security systems or advise/help upgrade existing ones
- Use various analytic tools to determine emerging threat patterns and vulnerabilities
- Identify potential weaknesses and implement appropriate measures
- Investigate security alerts and provide incident response
- Monitor identity and access management, including monitoring for abuse of permissions by authorised system users
- Liaise with stakeholders in relation to cyber security issues and provide future recommendations
- Generate reports for both technical and non-technical staff and stakeholders
- Maintain an information security risk register and assist with internal and external audits relating to information security
- Monitor and respond to 'phishing' emails and 'pharming' activity
- Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues
- Give advice and guidance to staff on issues such as spam and unwanted or malicious emails
What you’ll bring:
- An ability to work on your own
- Adapt at understanding the need for security-specific metrics
- Expert knowledge and experience as a Data Practitioner and showing familiarity in a number of technology infrastructures (MS365, SharePoint, OneDrive and Azure) and must be accustomed to frameworks such as NIST, ISO27001, SOC II
- Evidence of at least 3 years working first-hand with IS27001/ITIL-based policies and procedures
- Knowledge of Data Classification and associated handling procedures
- Knowledge of penetration testing, network security, and the techniques used to expose and correct security flaws
- A broad understanding of security technologies including firewalls, proxies
- SIEM, antivirus/patching software, IDP/IPS, Netwrix access permission auditing
- The ability to identify and spotlight vulnerabilities on on-premises, Cloud (specifically AZURE) and remote networks; help correct problems, and prevent security breaches
- Able to work a rotating weekly schedule 8:00 am – 4:30 pm and 12:00 pm - 8:30 pm
- CompTIA Network+ which helps evaluate and validate your skills and knowledge in designing, managing, troubleshooting, and configuring networks.
- CompTIA-CySA+ - Preferable
- Certified Information Systems Security Professional (CISSP) - Preferable
- Systems Security Certified Practitioner (SSCP) - Preferable
- EC-Council - ECSA - Certified Security Analyst - Preferable
- Certified Information Systems Auditor (CISA) - Preferable
What we offer:
As a global organization, OPEN Health is committed to supporting our employees and their families through a comprehensive benefits program
- Competitive pay, generous paid vacation and holidays, and health insurance programs across all our locations
- Ongoing training and development opportunities which foster and shape your individual career path
- An active and growing commitment to bettering the communities our employees call home through our Corporate Social Responsibility program
- The opportunity to thrive in a global, collaborative environment while working every day to improve health outcomes and patient wellbeing.
- Diverse, Inclusive culture that encourages you to bring your whole self to work
Can be based in any of our UK Offices or Remotely in the UK or Ireland
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Audits Azure CISA CISSP Cloud Compliance CompTIA ECSA Firewalls IAM Incident response IPS ISMS ISO 27001 ITIL Monitoring Network security NIST Pentesting Privacy SharePoint SIEM SOC SSCP Vulnerabilities
Perks/benefits: Career development Competitive pay Health care
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Manager Pentest H/F jobs
- Open Information Security Specialist jobs
- Open Senior Security Analyst jobs
- Open Security Operations Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Cyber Security Engineer jobs
- Open Product Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Cyber Security Specialist jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Cybersecurity Analyst jobs
- Open Principal Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open IT Security Analyst jobs
- Open Chief Information Security Officer jobs
- Open Security Researcher jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open IT Security Engineer jobs
- Open Senior Cyber Security Specialist jobs
- Open Agile-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open CISM-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open SaaS-related jobs
- Open Threat intelligence-related jobs
- Open CISA-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open Security Clearance-related jobs
- Open EDR-related jobs
- Open Malware-related jobs
- Open IDS-related jobs
- Open CEH-related jobs
- Open APIs-related jobs
- Open CI/CD-related jobs