Cyber Security and Compliance Analyst Ref : 1929
School/department: IT Services
Hours: full time or part time hours considered up to a maximum of 1 FTE. Requests for flexible working options will be considered (subject to business need).
Salary: starting at £33,797 to £40,322 per annum
Placed on: 21 August 2019
Closing date: 30 September 2019. Applications must be received by midnight of the closing date.
Expected interview date: September / October
Expected start date: As soon as possible.
This is an exciting time to join the University of Sussex, supporting us on a new journey of digital transformation. As a Cyber Security and Compliance Analyst you will be playing a crucial role in supporting the implementation of new standards of excellence in cyber security.
You will be responsible for:
- Working to ensure that cyber security risks are identified and managed before they can become an issue
- Monitoring threats and risks to University digital system, ensuring remediation is followed in a timely way
- Supporting the cyber security improvement programme, including working to achieve Cyber Essentials Plus accreditation in the short term and ISO 27001 accreditation in the future
- Carrying out audits and risk assessments that support the University’s digital strategy
- Supporting wider University efforts around GDPR and PCI-DSS compliance
- Use a range of tools and techniques to carry out regular checks to identify any potential or actual cyber security threats
- Review security incidents as they are raised and assess the most appropriate way for them to be addressed
- Work with the Cyber Security Lead to identify and carry out activities necessary to achieve and maintain Cyber Essentials Plus certification
- Work with colleagues to complete and assure continued compliance with Payment Card Industry Data Security Standard (PCI-DSS)
- Carry out periodic reviews and assessments to ensure continued compliance with any achieved security standards
- Ensure that vulnerability and penetration testing activities are successfully carried out
You will have:
- An excellent working knowledge of cyber threat landscape including emerging threats, risks and vulnerabilities
- A working knowledge of cyber security legislation and standards such as GDPR, Cyber Essentials, PCI-DSS, ISO 27001
- Skills in identifying, analysing and remediating security issues
- Excellent interpersonal skills including the ability to communicate complex technical information to both technical and non-technical audiences
- Demonstrable experience of cyber security tools, information security technologies and best practice processes
- Industry qualifications such as CISM, CompTIA, PCI ISA or similar would be highly desirable
The University of Sussex values the diversity of its staff and students and we welcome applicants from all backgrounds.
How to apply
You must email your completed application, and personal details and equal opportunities form, to email@example.com
You should attach your application form and all documents to the email (don't use a web-based upload/weblink service) and use the format job reference number / job title / your name in the subject line.
You can also send your application by post to Human Resources Division, Sussex House, University of Sussex, Falmer, Brighton, BN1 9RH.