Role Profile Job Title: Security Analyst Department: Information Technology Reporting to: Head of Information Security Responsible for: None Budget Responsibility: None Role Purpose Catalyst Housing has embarked on a multi-year Information Security Transformation Programme to improve its security posture and its information management practices. The Security Analyst will support the Head of Information Security in delivering the security strategy and on all aspects of information security at Catalyst Housing to protect the confidentiality, integrity and availability of Catalyst’s Information assets. The post holder will be joining Catalyst at an exciting time and will be provided with great development and career progression opportunities. Key Responsibilities Working closely with internal and external stakeholders, and supporting the Head of Information Security in developing and delivering an Information Security strategy that focuses on protecting Catalyst (and its customers) information assets. Providing security consultancy and security requirements to new projects Assistance with the management of the Information Security related projects. Working with the policy team, developing, delivering and maintaining a people focused “best practice” Information Security policy framework and accompanying policies and standards. Working with the training and communications team, creating, and maintaining an Information Security awareness training program. Maintaining up-to-date knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors. Supporting the Head of Information Security in selecting and procuring security solutions or enhancements to existing security solutions to improve overall enterprise security as per the enterprise’s existing procurement processes. Undertaking third party security audits and assessments. Working alongside the various business and central support teams to embed security principals into the departments. Management of security incidents and escalations. Maintenance and management of the information security risk register & risk treatment plan. Undertaking Information Security audits across the business. Essential Skills/Knowledge 2-3 years of related information and cyber security experience Relevant security certification (e.g. CISSP, CISA, CISM, MSc Information Security) Experience of defining security requirements for projects Excellent stakeholder management skills to ensure that stakeholders are kept informed and updated as required Possess a “Can-do” attitude. A self-starter and ability to work with minimal supervision. Staff are responsible for their own Health & Safety, ensuring a safe working environment for colleagues Flexible and co-operative team player. Desirable Skills Demonstrate aptitude and desire to develop expertise and experience in Information Security. Understand the value of information and data to a business. An exceptional people person, using natural flair to influence and secure buy-in from a variety of stakeholders including team members and colleagues, senior management, customers, and other departments. Strong customer service, resource management and communication skills. Must be able to negotiate with and influence colleagues, employees, contractors and suppliers at all levels. Role Competency Levels Competency Customer Focus Innovations and Change Analysis and Decision Making Teamwork and Leadership Drive for results Integrity and commitment Communicating and Influencing Equality, Diversity and Respect Level 4 3 3 3 3 4 3 3 Specific Role Competencies Educated to degree level and/or equivalent work experience. Staff are responsible for their own Health & Safety, ensuring a safe working environment for colleagues