SoG Security Analyst

Security Analyst

Team: Information Security

Reporting to: Head of Information Security Guernsey

Location: Guernsey

We are looking for an ambitious Information Security Professional to join our team, to support Agilisys in delivering information security services to our customers.

Experience consulting with customers and internal stakeholders is essential, and this position will suit someone who thrives in a busy and diverse environment and is looking for opportunities to grow their career.

Agilisys is the UK's most innovative IT and business process service provider, transforming the way our clients deliver services to their customers using strategic, affordable, shared service platforms. Working for both the public and private sector, we have earned a strong reputation and hold deep domain expertise within local government, education, and healthcare.

Our technology specialists are passionate about staying ahead of market trends to meet changing preferences across government and the public sector. As a result, we continue to deliver measurable savings and improved citizen outcomes through excellent service provision.

You will have experience of managing security under ISO27001:2013.  A comprehensive understanding of security threats, technologies, legislative and regulatory standards, industry frameworks and best practices. Experience within local government would be advantageous. An understanding or willingness to learn about cloud technologies.

Responsibilities

• Monitor and review output from security logs and monitoring systems.
• Identifying security alerts and potential security issues
• Act as incident escalation for security incidents. Helping to Investigate, escalate and resolve security issues and alerts.
• Regular review of user access rights to help maintain the organisations Role Based Access controls.
• Maintain security guidelines, ensuring that compliance plans are maintained, promoting continual improvement.
• Liaise with relevant external bodies to achieve or maintain security accreditations or certifications.
• Work with project and programme teams to identify solutions to security challenges that they might introduce, to ensure that security and compliance is maintained.
• Maintaining Information Security Management processes to ISO 27001:2013 standards, as well as certifications and approvals.
• Managing security assessments and risk assessments assisting Agilisys and the client to investigate any IT security incidents/events.
• Help support compliance, PCI/DSS , IS Security policies, standards and controls.

Requirements

• Customer focused and influential, with a high desire to drive results.
• Confident written and oral communication skills
• Experience of working with recognised IT Security standards and frameworks such as ISO 27001, PCI-DSS, NIST CSF, GovS 007, Cyber Essentials + and/or NCSC Cloud Security Principles or similar
• Information security risk management and compliance, including technical security risk assessment and treatment.
• Proven track record of performing incident management for security incidents & risk assessments to mitigate issues including lessons learned.
• Change management experience for both Information Security and business impacting Information Security Change.
• Knowledge and understanding of technical security controls in an IT environment.

Advantageous

• Security certifications e.g. CISM, CISSP or CompTIA Sec+ or other relevant experience
• Experience of working with recognised IT Security standards and frameworks such as PCI-DSS or ISO27001
• Familiarity of working to ITIL service standards and associated training, certification, and experience.
• Awareness of data protection principles and compliance

We understand some people may not apply for roles unless they “tick every box”.  If you’re excited about joining the Agilisys team and think you have much of what we’re looking for, we’d love to hear from you.

Agilisys operates as an equal opportunities employer and we welcome all applications regardless of gender, marital status, sexual orientation, pregnancy, race, colour, ethnic origin, nationality, religion or beliefs, disability, age, political opinions, or trade union membership.