About the Job
The primary focus of the Junior GRC Security Analyst role is to ensure the current IT infrastructure security measures are maintained and kept up to date through a changing threat landscape. Not all security remediation activities can be performed by the role so liaison with other teams will be necessary - however, this role retains the overall responsibility to ensure fixes are applied in a timely manner.
The role also has responsibility for day-to-day service monitoring from a security viewpoint in order to identify trends and proactively remediate possible exposures and ensuring that any new services (whether newly designed or absorbed as part of merger/acquisition activity) are brought up to the same security standard as existing services.
Key Duties and Responsibilites
- Reduce backlog of security vulnerabilities within the IT portfolio and ensure new vulnerabilities are addressed in an appropriate timescale
- Support project work from an IT security viewpoint as required, including the take on of new services
- Review output from security monitors and tools and escalate or take appropriate action accordingly
- Respond appropriately to audit recommendations
- Support patching and other preventative security-related activities as needed
- Follow core processes and procedures such as change control and incident logging
- Keep appropriate records and update documentation or checklists as applicable
- Maintain awareness of security threat landscape pertaining to Paragon services and advise accordingly
Key Skills and Knoeldege
- Basic awareness of Paragon Banking Group key business lines.
- Good written and verbal communication skills adequate to convey technical concepts to a non-technical audience.
- Liaise with other teams as required.
- Policies and procedures
- Key HR procedures, H&S and other mandated procedures.
- Data Protection Act and other applicable legislation.
- Install, tailor, maintain, operate and interpret output from the Paragon security tool set
- Manage and interpret results from security activities such as pen-tests
Ability to evaluate security tools against defined criteria.
- Understand how the principles of conduct risk impact on the processes and procedures within your role.
- Treat customers fairly by ensuring all communication to an individual is clear, fair, jargon free and that all of their questions are answered by providing full information; enabling someone to make an informed decision.
We look foward to your applications