We are looking for an Information Security Analyst to join our Technology division.

  • Do you have proven experience in an Information Security role?
  • Are you looking for a role where you’ll have the opportunity to influence Information Security processes, using the latest technology in threat detection and response?
  • Are you motivated by our vision of creating a world where every child doesn’t just survive, but thrives, and can go on to change the world?

    • If the answers to these questions are yes, we would love to hear from you!About Us

    Save the Children UK believes every child deserves a future. In the UK and around the world, we work every day to give children a healthy start in life, the opportunity to learn and protection from harm. When crisis strikes, and children are most vulnerable, we are always among the first to respond and the last to leave. We ensure children’s unique needs are met and their voices are heard. We deliver lasting results for millions of children, including those hardest to reach.

    Job Purpose

    Reporting directly to the Infrastructure Manager, as Information Security Analyst you’ll be responsible for helping to safeguard the organisation’s information assets and systems.

    You will conduct vulnerability assessments and monitor systems, networks and Web services for potential system breaches, in order to help us respond to changing legislation and ever-increasing infrastructure complexity.

    You will research security trends, new methods and techniques used in unauthorized access of data in order to pre-emptively eliminate the possibility of a system breach.

    As a rights-based organisation, we are committed to anti-racism and actively opposed systemic oppression of any form. The role holder will visibly lead our commitment to celebrate diversity, challenge inequality, and build an inclusive environment for every one of our employees so we can better represent the children we protect.

    Main Accountabilities

    As Information Security Analyst, you will have the opportunity to influence how we monitor and respond to incidents and events at SCUK, using the latest technology in threat detection and response.

    You’ll provide expertise to the wider organisation, acting as a key point of contact for Security questions and daily remediation of BAU tickets related to Cyber Security and delivering first level investigation and remediation activities as a member of the Security Incident Response Team.

    Person Profile

    To be successful you will ideally hold a CISA, CISM and/or CISSP qualification and will have gained progressive experience working in an Information Security role.

    Driven to improve systems and processes, you will be adept at providing subject matter expert advice and should have the ability to clearly articulate technical concepts to a variety of non-technical audiences.

    In addition, you will have:

  • Proven experience in an information security role, with a sound knowledge of IT security best practice, common attack types and detection / prevention methods
  • Understanding of performing 1st level analysis and interpretation of information from SOC systems; incident identification/analysis, escalation procedures, and reduction of false positives
  • Demonstrable experience of analysing and interpreting system, security and application logs in order to diagnose faults and spot abnormal behaviours
  • Experience of some common network or security devices, such as routers, switches, hubs, firewalls, or SIEMS
  • Knowledge of information security frameworks including ISO 2700x, NIST and CESG advised best practice
  • Knowledge of information security audit techniques, including management and testing of IT controls frameworks
  • Experience in Vulnerability Assessment (VA) scanner operations for identifying network and platform risks and misconfigurations.

    • Other knowledge you might bring to the role, but not essential:

  • Knowledge of OWASP top 10
  • Knowledge of DPA/GDPR
  • Experience in maintaining ISMS policies and process documents.
  • Knowledge of information security audit techniques, including management and testing of IT controls frameworks.

    • Save the Children UK is committed to diversity and equality of opportunity in all aspects of our work both external and internal. We strive to be an inclusive employer and particularly encourage applications from under-represented groups such as returning parents or carers who are re-entering work after a career break, people who are LGBT+, from Black, Asian and Minority Ethnic backgrounds, with a disability, impairment, learning difference or long-term condition, with caring responsibilities, from different nations and regions, and from less advantaged socioeconomic backgrounds.

    Note:

    To avoid disappointment, you are advised to submit your application as soon as possible as we reserve the right to close the vacancy early if a high volume of applications are received. This is to ensure that we can manage application levels whilst maintaining a positive candidate experience. Unfortunately once a vacancy has closed, we are unable to consider further applications.