Information Security Analyst
Threat Protection & Defence, Global Technology
In order to protect and safeguard the business, the Threat Protection & Defence (“TP&D”) team provide global support in relation to managing Information Security, Business Continuity and Data Protection risks.
As part of a growing team, the new role will be primarily responsible on a day-to-day basis for ensuring that SANNE’s information security policies, controls and procedures are operating effectively and appropriately deployed. This will include scheduling and reviewing security configurations, reconciling information asset registers, assisting with access audits and coordinating training and awareness campaigns. Additional tasks will include ensuring senior management are kept informed through regular updates as required and the preparation of relevant management information and supporting metrics.
The successful candidate will report to the Global Information Security Manager.
This position is based in our New Belgrade office.
- Analyse logs and reports to detect potential information security anomalies or malicious activity. Areas of responsibility include, but are not limited to: vulnerability scanning, MDM/MAM deployment, web and email usage, anti virus & malware, SIEM, firewalls, DLP controls, Microsoft 365 usage.
- Schedule and perform security reviews, including reconciliations of information assets registers against appropriate control layers and industry good practice, to identify potential controls gaps or weaknesses. Document findings, agree with appropriate stakeholders and track action points until remediated.
- React to real-time monitoring system notifications and advise appropriate parties.
- Coordinate staff training and awareness campaigns, including phishing simulations.
- Assist with the production of regular management information and key metrics reporting.
- Assist in troubleshooting problems for security systems.
- Support other members of the Information Security team and work on various Information Security projects, including continued alignment with ISO 27001.
- Keep abreast of the wider threat landscape and its underlying technologies.
Skills / experience required
- Strong IT technical knowledge (e.g. Cloud, BYOD, Web applications and services) with 2+ years of demonstrable experience.
- Experience with security tools and threat management platforms (vulnerability management, threat intelligence etc.).
- Good understanding of information security for businesses.
- The ability and interest to learn and perform technical audits on IT and Information Security controls.
- Strong analytical and problem solving skills to troubleshoot problems; able report conclusions in formats aligned to the target audience.
- Must have good organisation skills and be able to work independently, whilst being part of a team.
- Excellent knowledge of English language (written and spoken).
It would be an advantage if you had:
- Experience with Active Directory and PowerShell or similar scripting experience.
- Experience reviewing security reports in Microsoft 365 and Intune/EMS controls.
- Experience working in a Security Operation Center (SOC).
- An understanding of risk management and control frameworks, such as ISO 27001 and NIST.
- Working knowledge of Data Protection controls and practices.
- Bachelor’s degree or higher preferred.
SANNE is a specialist global provider of outsourced corporate, fund and private client administration, reporting and fiduciary services. Established for over 25 years and listed on the Main Market of the London Stock Exchange, SANNE employs more than 1400 people worldwide and administers structures and funds that have in excess of £215 billion of assets and is a FTSE 250 listed business. Key clients include alternative asset managers, financial institutions, family offices, UHNWIs and corporates. SANNE has a presence in established, international financial centres spread across the Americas, Europe, Africa and Asia-Pacific.
Deadline for applications: 04.06.2019.