Security Analyst (NIST)
BNP Paribas Personal Finance is committed to creating responsible consumer finance solutions that customers trust and help our partners grow. With the backing of a global bank we’ve exciting growth ambitions to double the size of the business by 2020 you’ll be joining a dynamic business which provides people with opportunities to make it happen in a high energy environment.
Our IT teams keep BNP Paribas Personal Finance moving in the right direction every moment of every day, without them our business simply could not evolve. Your ideas and solutions will not just help manage operations, they will transform the business and ultimately affect how every one of our functions works.
We are seeking a Security Analyst to join an expanding security team to assist with the planning and implementation of several new security solutions, as well as to manage enhancements to existing security solutions. The successful candidate will be working closely with teams across the IT Department to ensure delivery of the organisation’s IT Security Strategy. This role presents an excellent opportunity to develop your career in IT Security, with the opportunity to gain exposure to a wide range of security technologies and be involved in all aspects of security across the business.
• Plan the implementation of new security solutions, as required for meeting defined strategic deliverables, including working with solution vendors and defining system configurations.
• Work with other teams across the IT Department and wider business to oversee the implementation of new security solutions and enhancements to existing solutions.
• Create and maintain security policies and procedures.
• Manage the handover of new security solutions to support teams for their day-to-day operations
• Ensure that any new security solutions meet wider Group requirements.
• Be a point of contact for staff across the business for any questions, concerns or issues in relation to security.
• Assist with compliance efforts (e.g. PCI-DSS, GDPR, NIST) and providing evidence for audit requests.
• Assist with incident response, as required.
Essential skills/ experience required:
• Experience working on projects to deliver new security solutions, with hands on experience working on a range of security systems.
• Strong understanding of important security concepts and security best practice.
• Passionate about security. Always keen to promote security awareness and always looking for areas where security may be improved.
• Strong written communication skills, with experience of documenting policies, procedures, security requirements and reporting for consumption at all levels up to and including senior management..
• Strong verbal communication, with the ability to clearly explain security requirements and important security concepts.
• Ability to work well with multiple teams at different technical levels.
Additional Desirable skills/experience:
• Experience implementing or managing any of the following technologies
o 2FA / SSO
o Privileged Account Management systems
o Phishing campaign test tools
• Experience creating application development policies, with a strong understanding of security best practice for application development.
• Experience in application security testing and analysis of results.
• Experience creating and testing incident response policies and plans.
• CISSP or similar security qualification.If this role sounds like your ideal next step- please apply now to be considered.
If this role sounds like your ideal next step- please apply now to be considered.
Primary Location: GB-ENG-SolihullJob Type: Standard / PermanentJob: INFORMATION TECHNOLOGYEducation Level: Not indicatedSchedule: Full-time Behavioural competency: Critical thinkingTransversal competency: Ability to understand, explain and support change