Senior Information Security Analyst

GSFGroup
Wolverhampton, United Kingdom
31 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior

Job location

Wolverhampton, United Kingdom

Tech stack

Amazon Web Services (AWS)
Software System Penetration Testing
Azure
Cloud Computing Security
Computer Security
Disaster Recovery
Identity and Access Management
Information Security Management
Intrusion Detection Systems
Virtual Private Networks (VPN)
Python
Microsoft Office
PCI Data Security Standards
Powershell
Security Information and Event Management
Scripting (Bash/Python/Go/Ruby)
Google Cloud Platform
Cloud Platform System
Firewalls (Computer Science)
Azure Security Center
CIS Benchmarks

Job description

The Senior Information Security Analyst is responsible for developing, implementing, and overseeing the organization's information security strategy to protect sensitive data, systems, and cloud environments from threats. This role manages vendor partnerships, and ensures compliance with regulatory standards. The Senior Information Security Analyst is a proactive leader with deep expertise in cybersecurity, cloud security, and vendor coordination, dedicated to maintaining a robust security posture., * Foster a culture of security awareness.

  • Develop and maintain the organization's information security policies, procedures, and risk management framework.
  • Oversee security for cloud platforms (e.g., AWS, Azure, Google Cloud), ensuring configurations meet best practices and compliance requirements.
  • Manage relationships with security vendors (e.g., firewall providers, penetration testing firms, cloud security tools), negotiating contracts and evaluating service performance.
  • Conduct risk assessments and audits across on-premises and cloud environments, identifying vulnerabilities and implementing mitigation strategies.
  • Monitor security events using tools (e.g., SIEM, IDS/IPS, Sentinel1), leading incident response efforts and coordinating with vendors during breaches.
  • Ensure compliance with regulations (e.g., GDPR, HIPAA, PCI-DSS) and industry standards (e.g., Cyber Essentials, ISO 27001, NIST), liaising with auditors and vendors as needed.
  • Collaborate with IT teams to secure infrastructure, applications, and endpoints, integrating security into cloud and hybrid deployments. Oversee security awareness training programs for employees to reduce human-related risks.
  • Manage the security budget, including vendor agreements and cloud security tool subscriptions, optimizing investments for maximum protection.
  • Develop and test incident response, disaster recovery, and business continuity plans, ensuring alignment with cloud and vendor dependencies.
  • Provide regular reports to senior leadership on security posture, incidents, vendor performance, and compliance status., Working Conditions: Office-based with hybrid flexibility, with on-call availability for critical security incidents. May involve travel for vendor meetings, audits, or industry conferences.

Requirements

Do you have experience in VPN?, * Extensive experience in information security management (5+ years preferred), with a focus on team leadership and risk management.

  • Strong knowledge of cloud security principles and platforms (e.g., AWS Security Hub, Azure Security Center), including identity management and encryption.
  • Proven experience managing security vendors, from procurement to ongoing service oversight.
  • Expertise in security technologies (e.g., firewalls, VPNs, endpoint protection) and frameworks (e.g., NIST, CIS Controls).
  • Familiarity with scripting (e.g., Python, PowerShell) or automation tools to enhance security operations is a plus. Exceptional analytical skills to assess risks and respond to complex security incidents.
  • Excellent communication and leadership abilities to influence stakeholders, vendors, and employees.
  • Relevant certifications (e.g., CISSP, CISM, AWS Certified Security, CRISC) are highly desirable.

Personal Attributes:

  • Strategic and detail-oriented, with a passion for protecting organizational assets.
  • Calm under pressure, with strong decision-making skills during security incidents.
  • Collaborative leader, adept at aligning security goals with business objectives.

About the company

GSF Car Parts is one of the UK's leading automotive parts distributors, supplying thousands of independent garages throughout the UK and Ireland with parts, tools, garage equipment and specialist training. The group has over 175 branches nationwide and a turnover exceeding £475 million. Built on the heritage and success of a dozen local brand identities acquired over several years, we have traded as one brand since November 2021. Our branch network is bolstered by centralised support and expertise from specialist departments in key areas such as procurement and supply chain, marketing and national accounts. The business also benefits from integrated IT systems, which include our industry leading catalogue system, Allicat, and access to the Group's national garage programme, Servicesure. #INDGSF   You must create an Indeed account before continuing to the company website to apply

Apply for this position