Job Description
ISO27001 compliance | Risk & Gap Analysis | security policies |
Are you a seasoned IT Security Analyst with a keen eye for detail and a passion for safeguarding information assets? Our client is seeking a talented individual to join the team of 17 in ICT and contribute to their commitment to information security excellence. As an IT Security Analyst, you'll play a pivotal role in ensuring our clients' data remains secure and compliant with ISO27001 standards.
Key Responsibilities:
- Conduct thorough risk assessments and gap analyses to pinpoint vulnerabilities and potential threats to our client's information security.
- Develop and implement robust information security policies and procedures to uphold ISO27001 compliance.
- Manage controls, policies, risks, and compliance through our ISMS system.
- Collaborate with the broader security and IT teams to attain and uphold ISO27001 certification.
- Support staff training and awareness initiatives on information security and risk management.
- Stay abreast of the latest trends and technologies in information security and risk management.
- Maintain comprehensive system documentation and ensure compliance with all company policies and procedures.
Position Details:
This is an internal role for an organisation with a global presence and 10+ offices across New Zealand. You will be reporting to the National IT Solutions and Security Lead while leasing with the Internal IT Team, Partners, and staff across New Zealand.
Requirements:
- Strong knowledge of ISO27001 standards and compliance.
- Familiarity with other security frameworks such as NIST and SOC2.
- Experience in security audits and penetration testing.
- Excellent communication and interpersonal skills.
- Proficiency with ticketing tools (e.g., ServiceNow, Jira) for task tracking and resolution.
- Awareness of security best practices and principles, including handling and reporting security incidents.
- Practical and process-driven mindset.
- Experience in writing policy and procedure documentation.
- Proven ability in communication and stakeholder management.
- Proactive, driven, and eager to learn.
- Strong time management skills and ability to collaborate effectively within a team.
Experience/Education:
- Bachelor’s degree in computer science, Information Technology, or related field.
- Minimum of 3 years of experience in information security and risk management.