Are you looking to join a vibrant and fun global company who are growing and going places? We are Asite and together we are shaping the future of cloud base collaboration for the construction industry. We require a Senior Security Analyst to support us in our security journey.
Reporting directly to the CISO, you will be a security generalist (or a specialist looking to broaden their experience). You’ll bring with you in-depth experience of both practical security controls and technical security projects, and you’ll be exposed to a broad range of business, IT and security challenges. The key focus for this role will be enabling quick and effective delivery of security change across the organisation.
You’ll have excellent communication skills and be comfortable presenting key security concepts at all levels of the business.
As part of this role you will:
- Deep dive into existing controls, technical projects and create remediation plans
- Identify, track and support mitigation of security and certification improvements through leadership, collaboration, and management of change with teams across Asite.·
- Update and refine existing operational IT security processes (e.g. privileged access management, asset and patch management, vulnerability remediation and tracking).·
- Design and implement new IT security processes, working with both the security, IT and business teams.
At least two years of IT security experience plus three years of general IT experience (more is preferable)
Experience with security management frameworks (ISO27001, NIST, CIS, etc.)
Proven practical experience in implementing and operating practical security controls (with specific focus on Privileged Access Management)
Experience with risk management frameworks
Experienced in the use and application of ITIL
Excellent communication skills – will be asked to present as part of interview process
Able to obtain security clearance if needed
Has a proven track record of effective team working
Maintain current knowledge of emerging threats
Experience in responding to and managing incidents
Knowledge and experience of vulnerability management and/or threat analysis
Ability to share knowledge with colleagues to the overall benefit of the team
Ability to cope with pressure, maintaining performance when under stress, and managing time effectively through the application of organisation and planning skills
Experience with Azure and AWS
Nice to haves:
Experience with software security (DevSecOps, OWASP, BSIMM, etc)
Experience of security technologies e.g. CyberArk, SIEM/EDR, DLP, Mobile Device Management etc.
Holder of CISM, CISSP, CISA, CRISC
Knowledge of Information Security within architecture, such as TOGAF
Knowledge of IT project lifecycle, ideally Prince 2
Knowledge of Information Security within frameworks, such as COBIT
- Significant career growth opportunities
- Highly competitive salary
- Dynamic culture, with high talent density for sustained and significant personal development
- Flexible working options
- Extensive travel opportunities
- 25-day holiday allowance
- Gym membership subsidy
- Private health insurance
- Pension Plan