Job description

Job description

  • Division:
  • City:
  • Country:
  • Job Type:
    Full Time
  • Number of Hours:
  • Closing Date:
    31 October 2022
  • Contract Type:
Share this page
Share with linkedin
Share with facebook
Share with twitter
Share with email

Senior Cyber Security Risk Analyst (17879)

About Cyber Security at Holland & Barrett
The Role

The Senior Cyber Security Risk Analyst at H&B is a highly operational and hands-on role, reporting to the Head of Data Security, who is responsible for enabling risk-based decisions to be made consistently across the organization and to establish sustainable security capabilities that are integrated with the business.

H&B uses Jira and other GRC tools to create graphs and maps that allow stakeholders to understand their risks and more importantly to make fact-based risk decisions. The ideal candidate thinks in graphs and has a native understanding on how to hyperlink risks in order to create real-time visualizations of existing risk profiles across the H&B ecosystem. 

Being frustrated with the current β€˜managing risks via spreadsheets' status-quo and lack of automation/workflows in most of the risk industry, are also key requirements for this role.

Here are the key attitudes and experience that are relevant to this role (not all are needed):

  • Understanding of Information Security Frameworks (e.g. ISO 27001, NIST CSF, and Cyber Essentials) and UK Data Protection Act 2018 including GDPR.
  • Experience in conducting 3rd supplier assessments and advising the business on findings
  • Some experience of tools like SIEM, EndPoint Protection, WAF's, Network Firewalls, Vulnerability Management and Pen Testing.
  • Working knowledge of Security Architecture and potential security issues related to them and understanding of PAM, and Data Loss Prevention
  • Experience of managing and mentoring a small team
  • Passion for automation, delegation and scalability via playbooks and highly effective processes
  • Drive for automating process and workflows in order to detect, contain and eliminate active malicious agents
  • Being a detective at heart
  • Experience in presenting findings and ideas to senior level just as much as spreading cyber security awareness through training or providing weekly materials via Intranet or other channels. 
  • Knowledge and experience of information risk analysis/management
  • being a β€˜Settler', by knowing how to take innovation and productize it (Setter as defined by Wardley Mapping)


The Person

Who are you? 

We are looking for individuals that want to work for:

  • a company that is making a positive impact in the world (H&B is making the world healthier),
  • a company where you will make a real difference (H&B is going through an amazing digital transformation programme)
  • a security team that is growing and innovating (H&B Security has an amazing vision and objectives)

Here some more attributes we are looking for

  • Looking for next challenge
  • Curious
  • Highly Motivated
  • Want to make the difference
  • Want to build something worthwhile
  • Want to make the work safer

Areas of responsibility:

Supported by an experienced team, effective technology and highly qualified 3rd parties, here are the areas of responsibility for this role:

  • Develop and maintain the information security policy and accompanying standards, procedures, and guidance
  • Manage critical business assets inventory and cyber security risk register
  • Support regulatory compliance
  • Manage GDPR DSAR process
  • Develop and implements training & education for IT and wider business teams
  • Manage 3rd party security relationships and conduct supplier risk assessments, flag concerns, log risks and remediations
  • Manage and Improve the Vulnerability Management process
  • Create phishing campaigns specific to the current climate and business
  • Support incidents
  • Respond to enquiries from staff and provide security advice as required
  • Work with internal stakeholders to develop relationships to help promote and improve information security and provide security advice on procurements, projects and new initiatives as required

πŸ’Έ Technology Incentive Scheme - we offer different bonus schemes for all grades in Technology, starting at 10%.

πŸ“š Learning and Development opportunity with Holland & Barrett is a great base for career development long term.

🀝 Career progression

πŸ” Pension company contribution 

✈️ Your wellbeing is paramount so you can get away and take 28 or 33 Days Holiday per year. 

πŸ’· Refer and Earn Scheme - as we're growing you can earn money by referring people to join us from your network.

πŸ‘œ Epic Extras gives you access to exclusive benefits, free advice and savings from a range of retailers and providers.

πŸ’° Stay healthy with Discounted Products - from day one you'll get a 25% discount (on top of other promotions) when you shop at H&B on anything that you buy. 

πŸ™‹πŸ½ We all need a little help sometimes, so we offer Free 24/7 Confidential Advice & Colleague Welfare.

🧠 Mental Health First Aiders - we have lots of qualified Mental Health First Aiders because its all about your health & wellbeing.

πŸ‘‘ We have colleague Reward and Recognition Schemes, so your hard work and loyalty won't go unnoticed.

πŸ‘ And many more!

The Company
  • Holland & Barrett is one of the nation's most loved and trusted brands, known for offering quality health food, vitamins and supplements all sold by highly trained and qualified advisors.
  • Bucking the current trend of high street retailers, we forecast significant growth and expansion plans in the coming years, with considerable investment going into all areas of the business. We certainly embrace change and drive speed in everything we do. Every day presents a different challenge, but every day is also filled with fun, teamwork and passion to succeed and surpass every expectation.
  • Join us and see how far you can go…

Close map
Nuneaton Head Office - Samuel Ryder House
7 Barling Way, Nuneaton, Warwickshire, United Kingdom, CV10 7RH
Vacancy Alerts
Create an alert subscription based on this vacancy