INFORMATION SECURITY CONSULTANT
WE’RE GOING PLACES….
With more than 60 years of history in the bag, ours is a brand with an impressive heritage. Style is well and truly in our blood. As well as UK and Ireland, we are represented globally through our stores in Western Europe, Eastern Europe, Middle East and Asia. Our e-commerce business is helping to set the trend globally, shipping to 125 countries whilst also growing our presence on the world’s leading digital fashion marketplaces.
Our people make all the difference. Just as the River Island name pulls customers in off the high street and inspires them to buy online, our employer brand turns the heads of talented people, inspiring them to join, stay and grow with us.
WHAT YOU DO MATTERS…
- Assist in conducting risk assessments to identify, assess, and measure information security posture for systems, facilities, networks and projects.
- Assist in embedding a risk-based approach and ensure security requirements are captured and implemented appropriately.
- Assist in documenting and implement risk assessment process to be deployed across River Island.
- Assist in the management of the Information Security Risk Register and recommend appropriate actions and mitigation.
- Support the development and maintenance of River Island's Information Security policies, procedures and guidelines in accordance with industry best practises.
- Ensure compliance to the defined Information Security policies, standards and processes as well as legal and operational requirements such as GDPR and PCI-DSS.
- Manage the end to end Third Party Security Assessment process.
- Assist in governing policies for security tooling and evaluate the output data to enable reporting and subsequent analysis.
- Support projects and initiatives across the business to provide specialist advice.
- Show the ability to form solid relationships with the existing teams as well as external third party partners and vendors.
- Assist in the regular and ongoing monitoring and reporting on enterprise-wide compliance.
- Demonstrate the ability to operate within an environment where accountability and responsibilities between stakeholder’s overlap.
- Demonstrate an analytical approach and detail-orientated thinking, as well as a calm under pressure 'can do' attitude.
- Show that the priority and focus will always be customers, staff and reputation.
- Degree/Post-graduate Degree in Computer Science or equivalent.
- A Certified Information Systems Security Professional (CISSP) qualification or equivalent.
CORE TECHNICAL SKILLS
- Security incident response experience.
- Strong experience managing technology.
- Understanding of IP networking protocols and distributed systems.
- Understanding of digital forensics.
- Understanding of attacker tools, tactics and procedures.
- Knowledge of configuring and implementing common technical security controls essential.
- Understanding of enterprise digital environments and distributed technology stacks essential.
- Technical experience within the Information Security areas which cover;
- Perimeter Security
- Network Security
- Infrastructure Security
- Endpoint Security
- Application Security
- Data Security
- Wireless Security
- Cloud Technology
- Experience of managing penetration testing and vulnerability scanning.
- Experience of implementing frameworks such as the CIS SANS CSC, NIST or ISO27001 beneficial.
- Knowledge of regulatory requirements such as PCI-DSS, DPA and the GDPR are essential.
This is an amazing opportunity to build something amazing from the ground upwards. Working alongside a group of enthusiastic colleagues with the focus being on doing the right thing for our customers, staff and reputation.
IT NEVER GETS BORING…
If you are ambitious and love working in a busy environment where every day is new, then River Island is the place to be! As a business, we are committed to developing our talent and offer a fantastic training program to help you optimise your performance and support your career progression with the company.
Our working environment is busy, fast moving and responsive to our customers’ needs, much like our training which is unique to our business and reflective of our fun and refreshing brand and our people within it! Our River Academy offers ongoing training and development by running workshops throughout the year varying from courses focusing on softer skills to the more technical courses you may require to perform your duties.
It’s not all work and no play here either…we all work hard but we also like to have fun too! We are a social bunch and regularly host events ranging from Summer and Christmas parties, bake offs, and lots of charity events.