Security and Governance Analyst

FULL TIME - 37hrs

JOB PURPOSE

The Security and GovernanceAnalystrole providesvery importantsupport to the IT team and the wider organisation. They would work closely with the ITManagerand our security partnerstoensurethe security and integrity ofTwo Saintsinformation systemsand forcollaborating onpolicies procedures andadministeringcontrols to protect sensitive data from cyber threats and ensure compliance with regulatory requirements reporting performance back to theIT Manager Performance and Executive teams.

MAIN RESPONSIBILITIES

• In conjunction with the IT Manager build a constructive relationship with Two Saints principal IT suppliers to ensure that the contracted standards of service and support are met

• Work together with these suppliers to ensure that Two Saints ICT Security policies are appliedand followedcorrectly

• Regularly review the security preparedness of our supply chain

• Work with theLearning and DevelopmentManager and the HR team toestablisha minimum standard ofcyber awarenessskills for Two Saints staff assess the quality ofboth internal and external trainers with the delivery of trainingand awareness through learningplatforms and internal communication

• In conjunction with Systems & Applications Support and Network Support colleaguesmaintainaccuraterecords of software licences equipmenttypesand locationsetc.

• Ensure the organisationmaintainsa good levelof IT security by evaluating risks and solutions. Continue to implement and develop solutions in line with ongoing threats

• Assistin ensuring the organisationremainsGDPR compliantand provide supportforsubject access requests anddestruction of datain line withdata governance

• Support the IT Manager to review andmaintaindata governance policies and Data Loss Prevention (DLP) using Microsoft compliance tools

• Oversee daily security checks and carryout any follow up actionrequired

• Reporting tothe IT Managermaintainsecurity standards by ensuring operating system patches and hardware/firmware updates are applied across the network

• Ensure all documents processes and procedures for the ICT team are kept updated

• Create and develop required reports for the organisation including producing monthly and quarterly reports for the senior management teams. Responsible for using the organisations preferred reporting tools to produce meaningful reports

• Working with the IT Managersupportand implement risk management processes toidentifyand mitigate IT risks.

• Regular auditing and monitoringofIT systems to ensure data integrity security and compliance.

• Support the IT Manager toensure thatIT projects and operationscomply withinternal and external policies regulations and standards.

• Work with the IT Manager to design and implement frameworks and procedures to ensure ITsecurity andgovernance aligns with organisationalobjectives.

• Staying informed about the latest IT trends and advancements to informcyberstrategies and policies.

• This role hasbusiness continuityresponsibilities

ROLE REQUIREMENTS

• This rolemayrequirea standarddisclosure and barring servicecheck.

• This role will require a full drivers licence and access to a vehicle

• This role will require you towork flexibly across several sites

EXPERIENCE AND QUALIFICATIONS

ESSENTIAL CRITERIA

• AchievingCyberEssentials/ CE

• Working withSecurity Frameworks

• Awareness of OperationalRisk ManagementProcesses

• Experience ofProjectWorking

• CompTIA SecurityCertifiedInformation Security Manager orequivalent
  Experienceworking with data protection and compliance

DESIRABLE CRITERIA

• 3rdParty Management particularlywithMSPs andCSOCs

• Designing Cyber Security Awareness Programmesfor internal staff awareness

KNOWLEDGE AND SKILLS

ESSENTIAL CRITERIA

• GDPRCompliance

• Hardware firmware and Microsoftpatching requirements

• Asset Management

• Management Reporting

• MicrosoftDefender

• PCI-DSS

DESIRABLE CRITERIA(experience of)

• NHS DSP Toolkit

• NIS2

• ISO27001

• Microsoft Sentinel(or other SIEM solution)

• Microsoft Purview

• Strategy creation

We reserve the right to close our adverts early if a successful candidate is found so please submit your application as soon as possible.

Two Saints is committed to safeguarding and safer recruitment. We carry out pre--employment checks such as DBS checks Overseas police checks (where appropriate) reference checks and CV gap querying for all new staff members.

INDAD

We offer support to people who are homeless vulnerable or at risk of becoming homeless and need help rebuilding their lives for a brighter future. Our services include safe flexible and reliable client led housing and support with a focus on reducing homelessness improving health and wellbeing and building on individuals skills and resilience to break the cycle of homelessness poverty and exclusion.

We work in partnership with multiple agencies and authorities to deliver support and accommodation needs across Berkshire Hampshire Isle of Wight and Dorset.

We are dedicated to safeguarding all young people and adults with our services. We follow safer recruitment practices for all our vacancies to assure that all successful candidates are suitable to work with our clients.

Were committed to creating an inclusive and diverse workforce that embodies our values and promotes a tolerant and respectful environment where everyone can feel empowered to succeed.

We welcome and encourage applications from people of all backgrounds and will support with any reasonable adjustments needed during the recruitment process.