Information Security Systems Analyst

Coventry Store Support Centre - Walsgrave

Location

Coventry Store Support Centre - Walsgrave

Hours

Full-time

Contract Type

Permanent

Salary

Competitive plus benefits

Areas of business

Project & Programme Delivery

Job ID

19000APG

Google Map of Northview Walsgrave TriangleCoventry Coventry CV2 2SJ

Coventry Store Support Centre, Northview Walsgrave TriangleCoventry, Coventry, CV2 2SJ

As part of the Information Security Product Team; responsible for working with Information Security and the Internal IT Product Family, including Security Architects, Technical Designers and Product Owners to ensure that IT investments are delivered securely, protecting client and employee data and ensuring compliance with Information Security policies and standards. Help to identify new products and define their business requirements and then convert them into technical requirements. Utilising Agile delivery methodologies and be part of the project team through the lifecycle of a project to ensure overall delivery of a secure and effective product.

What I need to do

  • As an experienced Technical Security Analyst, work with limited supervision, with the responsibility for Technical Security input to a portfolio of products
  • Provide end to end engagement on a wide range of IT investments ensuring that security is built in, they deliver securely, and client and employee data is protected
  • Conduct Technical analysis of Sainsbury’s systems for the Identity and Access Management team identifying where existing and new product capabilities can be best used
  • Attend regular Agile/Scrum meetings with your team where you are assigned work items from a backlog, provide updates and give technical advice as required
  • Create architectural and design documents including Solution Outline Documents, Detailed Designs, Network Diagrams, Data Flow Diagrams, etc. 
  • Understand Security Functional and Non-Functional Requirements for each project and ensure that they are fulfilled prior to going into service
  • Be a Champion for the technologies and deployment strategies within your team from a security perspective
  • Develop your skills and knowledge of the products you are aligned with as well as up-skilling other team members
How I will succeed
  • Investments are delivered with a security focus integral to the solution
  • Projects are compliant with the relevant standards and regulations
  • Vulnerabilities are remediated, and any residual risk is managed appropriately
  • Accurately translating business requirements into technical requirements
  • Stakeholder and Colleague feedback
  • Continuous personal development
  • Fulfilling personal objectives 
What I need to know
  • Technical Analyst background, including stakeholder management, essential
  • Security Certification, Computer Science degree and/or MSC in Information Security desirable but not essential
  • Experience working with Identity Access Management technologies essential
  • Working knowledge of Agile delivery methodologies
  • Has a broad knowledge and understanding of IT concepts and architectures including Cloud, BYOD, etc.
  • Understanding of deploying Identity and Access Management in cloud environments, Azure, AWS etc. and integrating with cloud native technologies
  • Proactively takes responsibility, owns any issues arising and follows through to resolve them, recognising how individual responsibility impacts team delivery and inspires others to do the same 
What I need to show
  • Experience of reviewing system design documentation; including Detailed Infrastructure Designs, Service Acceptance Criteria, and Functional and Non-Functional Requirements, etc.
  • Ability to think methodically and logically and have well-honed communication skills
  • Works collaboratively with a range of people to support the Information Security and wider Business Strategies
  • Ability to work with minimal supervision and ensure projects deliver securely
  • Experience of working with Business and Technical Analysis approaches and methodologies 
Resources available to me
  • Team of colleagues specialising in Information Security
  • Third Party contractors (as appropriate) to assist with the design and deployment of solutions
  • Internal IT Product family, Security Product Owners, Security Architects, Technical Designers, various Working Groups including Customer, Colleague, Finance, etc.
  • Industry and national bodies (as appropriate).
What decisions I can make
  • Set the Functional and Non-Functional Requirements for a project
  • Development of the Solution Architecture strategy
  • Select the deployment approach from the solution priorities provided by the Product Owner and Delivery Manager
  • Significant freedom to contribute to team processes

*LI-SS