Reporting to the Information Security Manager, key responsibilities for the Information Security Analyst will include involvement in the more complex projects, assessments, risks and issues that arise with the TNT international operation.
Main tasks and responsibilities include amongst others :
Works closely with development teams to ensure that security by design principles are included as base requirements in new development projects
For complex / high risk projects, communicates information security issues effectively to business managers, users of systems and networks.
Support the continued development of the TNT Express Global Information Security posture, including involvement in integration / strategic initiatives.
Conduct Information Security assessments on complex / high risk projects to confirm the level of compliance to the defined requirements of the company information security standards.
Identify and report any non-conformities and opportunities for improvement.Agree corrective actions to restore compliance, and identify any preventative actions necessary to avoid future non-compliance.
Conduct investigation, analysis and review following breaches of Information Security controls, and prepare recommendations for appropriate control improvements, involving other professionals as required.
Support Global IT colleagues to ensure appropriate Information Security controls are an integral part of all Global IT business solutions, including those provided by third parties.
Manage vulnerabilities proactively via involvement in the development lifecycle and reactively by conducting regular vulnerability testing and leading remediation activities
Monitor for security and data breaches, follow incident response procedures in case of a breach, and follow up with remediation activities after the fact to close any security gaps
The ideal candidate for this job will have :
Educated to bachelor degree level or holds a relevant professional qualification or has a proven level of experience.
5-10 years of information security experience. Preferably CISSP and or CISM certified or willing to certify.
Must be able to conduct information security risk assessments and advise the organization on closing the indentified gaps.
Must have a strong technical background in order to assess and support IT development, application and implementation projects.
Must be able to interpreted information security policies and standards and translate these into effective information security controls.
Is effective in designing and implementing information security processes which support, secure software development, change management, logical access control or other security domains.
Is effective and persuasive in both written and oral communication in English
A challenging position in an international and dynamic working environment
A learning environment to further development / career opportunities
An independent position with responsibilities
Salary scale 31