Montash have been engaged by a leading retailer to source an Information Security Analyst for an initial period of 3 months.
Role will involve flexing across multiple projects for example new products, new services and new technology integrations in one domain.
* Service Car Hire - making recommendations for the website to be compliant from an information security perspective
* Cloud - AWS move to domain selling systems, with 600 stores - ensuring all new products are compliant and any web enhancement meet key principles before go live. (For example often 2 websites are in play with the old one being closed one, the client have signed off on the changes made to the new version)
* GDPR - liaison with marketing, audit teams, Security Council re latest initiatives and ensuring information security with GDPR compliance at the fore front
* Integration work - the Info Security Analyst will need to ensure any gaps from a security perspective are satisfied before they pick up and shift
Duties will include:
* Liaising heavily with the Service Manager on BAU and with the Service Design & Transition Manager regarding new projects coming up the line, potential information security considerations, new technical services etc
* PCI compliance, governance
* There is a framework of principles in place in order that the same questions are not asked every time. A piece of work can go ahead if it meets the set criteria and these have been evidenced as meeting key set principles
* Role will involve engaging with technical teams - meeting and assessing any security gaps
* Role will involve maybe requesting funding if they need to engage a third party for audit purposes etc
Challenges:
Understanding of the client quickly in terms of sales & content and sheer volume of systems and projects in play.
Person leaving the business is documenting a very thorough handover document but understanding of key personnel quickly is key
