Senior Information Security Analyst - Project Assurance (C5)
There's a whole lot more to technology at Sainsbury's than meets the eye. In this vital role at the forefront of Information Security, you'll find we're as much a Digital and Technology company as we are a Supermarket Chain. And as we continue our digital transformation, you'll be at the heart of it.
You'll discover a business with a Cloud-first approach, embracing the latest technologies. We're ahead of the game in methodology too, building a DevOps culture and embedding Agile working. Our Digital and Technology teams develop an extraordinary variety of products and services spanning our supermarkets, online shopping, and our finance offerings through Sainsbury's Bank. They power a diverse back office, too - from logistics and store support, through to HR apps.
We take our responsibility for protecting customer and colleague data seriously, so Information Security is crucial to our success in all these areas. The scope to develop a rewarding career is every bit as big as our ambitious plans to develop new apps and services.
As an experienced Information Security Analyst, you'll be a trusted consultant to the business. Your brief will span security assurance, business as usual, and a diverse portfolio of IT projects. Working closely with project and programme teams, including Delivery Managers, Solution Architects, Developers, DevOps and Product Owners, you'll see that projects are delivered securely and compliantly, protecting all sensitive data. Put simply, you will make sure the right security controls are always built in.
Supporting in-house development utilising Agile and Waterfall methodologies, a strong knowledge of security testing will be particularly important. You'll review projects; provide options on the best security solutions; engage with external and internal security testing resources to agree the scope of testing required; coordinate the testing process; explore the results, then assess and mitigate the risks in collaboration with the project team. The difference you make will be huge.
So what are we looking for?
You will either have information security experience and want to develop in a role with project assurance focus, or you may bring transferable skills e.g. Networking and be keen to explore the world of information security. Either way, you'll relish this opportunity to grow and make a visible difference.
Equally confident working solo and as part of a team, you will have end-to-end project engagement skills as a dedicated Security Analyst or you will develop them quickly. You'll have a flair for managing stakeholders, with a talent for clear and persuasive communication - especially when your audience doesn't share your technical security expertise.
Comfortable in a Hybrid environment like ours, you will ideally be familiar with On-Premise Data Centre infrastructure and various Cloud Service Providers.
Ideally, you'll have CISSP, CISM, CRISC, CCSP, CEH or an equivalent qualification, but it's not essential. You'll demonstrate the skills, knowledge and experience necessary to hit the ground running in every aspect of your brief, once you have rapidly familiarized yourself with our project assurance and risk management processes. Your expertise spans IT architectures and concepts including Cloud, BYOD and Mobile Device Management; OWASP vulnerabilities, tools and methodologies; HTTP, SSDLC and Security Testing, and PCI, DPA and ISO27001.
If you've got everything we're looking for, we'll give you the most rewarding role of your career so far. And while we're sure you'll be pleasantly surprised by the scope of all we do, rest assured the opportunities for development are as great as you'd expect from a major brand like Sainsbury's.
To find out more information and to apply, please click the APPLY button.