Willis Towers Watson
,
Ipswich, Suffolk
Information Security Technical Analyst- FTC
Overview
Job Description
**Summary of Role** Initial fixed term contract for 12 months with possibility to extend or convert to permanent employee. Aligned within the Information Security Architecture function, the Information Security Analyst's responsibilities include the review of requests for change to security infrastructure components such as firewalls to ensure the requests are complete and are in accordance with our security policies and best practice. Once these criteria are met, the requests will be approved and assigned for implementation. The Analyst will also help review Security Policy exception requests that are seeking to deviate from defined secure designs to assess the risk, propose alternatives as appropriate, and provide input for the approval or rejection of the request. Other research tasks regarding security topics may also be assigned. We are looking for a collaborative team player with sound knowledge of ITIL change control procedures, knowledge of security technologies, excellent administrative skills and a willingness to learn and grow. The successful candidate will be able to help ensure a secure environment for Willis Towers Watson through evaluating requests to modify security controls and ensuring they are valid and in support of a business need. They will contribute to and work as part of a global multi-disciplined security community with clear vision and direction, and top down support across the business **The Role** + Review security exception requests and ensure they are valid and reasonable requests, help identify and assess the level of risk if implemented, and where possible propose feasible alternatives. + Work with Security Architecture on other related tasks and assignments + Adhere to SLAs for reviewing and assessing requests for change. + Provide appropriate MI to key stakeholders. + Review requests for change for security technologies and ensure they:o Are properly formatted with all necessary pertinent informationo Conform to defined security requirementso Conform to approved security designs **The Requirements** + Experience working in an Information Security function + Strong knowledge of ITIL based change control principles + Sound knowledge of security knowledge and best practice principles + Strong knowledge of security technologies such as firewalls, web proxy, anti-virus and DLP to be able to validate requests for change for them + Experience with Service Now + Able to keep track of time sensitive deliverables + ITIL, CISSP, CISM, CISA (desirable) **Equal Opportunity Employer**