Security Assurance Analyst

Apply now »

Date: Jul 22, 2022

Location: London, GB Berlin, DE Lisbon, PT

Company: Springer Nature Group

Springer Nature opens the doors to discovery for researchers, educators, clinicians and other professionals. Every day, around the globe, our imprints, books, journals, platforms and technology solutions reach millions of people. For over 175 years our brands and imprints have been a trusted source of knowledge to these communities and today, more than ever, we see it as our responsibility to ensure that fundamental knowledge can be found, verified, understood and used by our communities – enabling them to improve outcomes, make progress, and benefit the generations that follow. 

Visit: group.springernature.com and follow ​​​​​​​@SpringerNature

 

The Cyber Security Team are responsible for the monitoring, vulnerability management, assurance, security architecture, infrastructure, and the secure development lifecycle within Springer Nature. The purpose of this role is to monitor analytics tools relating to security events within the Springer Nature ecosystem to enable the business to execute proactive countermeasures to and reactive remediation of cyber threats.

 

Security Assurance Analyst:

 

The purpose of this role is to mature security practices across Springer Nature to support and enable the business to make informed decisions in all aspects of cyber security.

 

Responsibilities:

  • Develop a security maturity matrix.
  • Develop a company wide security training strategy.
  • Maintain the asset registry.
  • Manage the risk register
  • Facilitate the annual PCI audit.
  • Facilitate in Business Continuity and Disaster Recovery (BCDR) exercises
  • Facilitate in internal audits against common industry frameworks, e.g. Center for Information Security (CIS)
  • Review and collect asset data. 
  • Provide first line support to incidents.  
  • Maintain supporting documentation.
  • Develop, implement, and review operational policies.
  • Drive the adoption of security practices.
  • Drive the security champion model.
  • Nurture intra-team relationships.
  • Manage 3rd party relationships.
  • Policy development for Bring Your own Device (BYOD) and Remote Working solutions.


Experience:

  • A least 5 years IT experience.
  • Managing a security maturity programme.
  • Managing risk registers.


Skills/Knowledge:

  • A genuine interest in cyber security.
  • Good working knowledge of BSIMM / OpenSAM or other maturity models.
  • Able to work within a diverse team.
  • Able to articulate the strategic goals of the team.
  • Working knowledge of PCI-DSS, BCDR and CIS frameworks/standards.


Qualifications:

  • Computer Science degree.
  • Security related certification.
  • Current or previous qualification in PCI-DSS is not necessary but a bonus.

At Springer Nature we value the diversity of our teams. We recognize the many benefits of a diverse workforce with equitable opportunities for everyone. We strive for an inclusive workplace that empowers all our colleagues to thrive. Our search for the best talent fully encompasses and embraces these values and principles.

Visit the Springer Nature Editorial and Publishing website at www.springernature.com/editorial-and-publishing-jobs for more information about our Research E&P career opportunities.