facebook tracking
Information Security Analyst

Information Security Analyst

Objective of the Role   

Due to continued growth and future opportunities, Semafone is looking to expand the Security Team with an Information Security Analyst to support the Head of Information Security with our many and varied teams to deliver ongoing compliance for our Information Security frameworks.

Core to the role is the maintenance of compliance and continual improvements with PCI DSS, ISMS, PA-DSS and Data Privacy. The role reports into the Head of Information Security, who has overall accountability for Information Security at Semafone.

The role will ensure that products are developed, projects are delivered, and systems are maintained within a structured framework of business as usual policies, processes and procedures whilst ensuring that the ongoing certification and compliance is not put at risk. The role will involve developing Semafone’s ISMS policies and procedures as well as highlighting new and emerging threats, vulnerabilities, technical innovation and new legislation that may impact Semafone.

The role holder will be an InfoSec subject matter expert, advising colleagues with a Development, Product, Operations, Sales, Presales, Technical and Legal focus to ensure that security and privacy by design and compliance is considered as a priority. The role holder will be supporting these teams in resolving and mediating InfoSec escalated issues as well as ensuring that Semafone adheres to the Data Privacy legislation at all times.

The role will also take responsibility for Blue and Red teaming (vulnerability and penetration testing), where personnel and resources are in place.

The successful candidate will be experienced working with technical concepts and architecture, and comfortable working with subject matter experts, whilst delivering to an audience whose primary considerations may not be security or compliance.

This role is based out of our Guildford office, but occasional travel may be required.

Key Accountabilities and Responsibilities       

  • Maintaining and retaining PCI DSS Level 1 Service Provider Certification
  • Maintaining and retaining ISO270001:2013 certification
  • Supporting the Head of InfoSec to ensure Semafone addresses relevant Data Privacy legislation
  • Assisting the PA-DSS Product Delivery and supporting wildcard releases through the Standards Security Council
  • Delivering an already established InfoSec training and awareness programme across the business to ensure that colleagues are equipped with up to date knowledge of security industry best practices, emerging technologies and legislation
  • Delivering Semafone’s security proposition to clients during project engagements
  • Working with Semafone Architecture and IT teams to ensure that designs are cleared as secure, prior to commencement
  • Working with design, development and architecture teams to maintain a ‘compliance methodology and process’ to ensure it is embedded into development methodology, testing and project governance

Mandatory Qualifications, Skills and Experience       

  • CISM / similar certification or working towards
  • To have experience in an environment delivering
    • PCI DSS RoC as a Level 1 Service Provider or Merchant
      OR
    • ISO27001:2013
  • Working knowledge of
    • PA-DSS
    • Data Privacy legislation
  • Strong knowledge of business systems, processes and functional responsibilities
  • Experience of project and architectural life cycles
  • Good understanding of systems architecture, API integration and networking

Desirable Qualifications, Skills and Experience       

  • CRISC or other Risk based certification
  • Experience with other InfoSec frameworks
  • Experience with other ISO standards
  • Experience of change, incident, problem and risk management
  • Experience of working closely with internal and external auditors

Benefits & Culture

We are a market leader in secure voice transactions and trusted by our customers and partners.  We are on a journey to secure all personal data.  We recruit diverse, ambitious, innovative people who want to grow in a supportive and collaborative environment.  We are passionate, work hard, have fun and celebrate success.  We are based in central Guildford, right by the station, in beautiful custom-fitted offices.

What we'll give you;

  • £55-65k basic salary
  • 25 Days Holiday, rising to 28 days with service
  • Up to 10% Bonus
  • 4 x Salary Life Insurance
  • Vitality Health Insurance
  • HealthShield Cash Back Plan
  • Employee Assistance Programme
  • Bespoke Discounts and Communications Hub
  • Up to 5% Contributory Pension

Semafone is well funded and growing fast, you’ll be joining an organisation that combines an entrepreneurial ‘start-up’ culture with the professionalism of a mature and established business. This is a fabulous opportunity to gain experience on a variety of commercial matters of an international business.

*All final interview candidates will be subject to a DBS check as a pre-condition of a potential offer of employment. Any information found will be considered when making the final hiring decision. Please be aware that the background check process will not go ahead without your written consent.

Apply for this job

Or, know someone who would be a perfect fit? Let them know!

Guildford

Pannell House
GU1 4HN Guildford Directions info@semafone.com 0845 543 0822

More than just a job...

Here at Semafone it's all about delivery and we pride ourselves in providing a flexible working environment which aims to support our staff as they journey through their career.  

For country-specific benefits check out each job role, but what else do you get besides your all important salary?

  • Bespoke Discounts & Communications Hub

    perkSTIR is our internal communications hub which houses a whole host of retailer discounts where you can literally save £/$000's a year!

  • Work / Life Balance

    We offer excellent time off benefits and promote flexible working whenever we can.

  • Great Physical Space

    We've got fabulous new offices in all locations. All mod-cons and tech'd up to the rafters it's a technologist's dream location.

  • Team Events

    We regularly get together as either individual teams, location-specific or the whole business. A highlight is our annual offsite, 'FraudSTIR' which involves internal and external presentations, team-building activities and lots of opportunities for socialising!

Workplace & Culture

 

Our company values aren't just words on a page to us.  They're intrinsic to the way we operate and vital to our success.  When they're effectively demonstrated wonderful things happen, so it's no wonder we recruit to our values and culture.

 

Already working at Semafone?

Let’s recruit together and find your next colleague.

email
@semafone.com
  • Aaron Lumnah
  • Andreas Prassas
  • Annette Quinnell
  • Ben Barnes
  • Ben Rafferty
  • Caroline Thomson
  • Charlie Lodder
  • Chloe Prince
  • Claire Finnie
  • Dan Hoaglund
Teamtailor

Applicant tracking system by Teamtailor