Information Security Analyst

About Columbia Threadneedle Investments

You'll find the promise we make to our clients is the same one we make to our employees: Your success is our priority.

Here, you'll find growth and career opportunities across all our businesses. We're intentionally built to help you succeed. Our reach is expansive with a global team of 2,000 people working together. Our expertise is diverse with more than 450 investment professionals sharing global perspectives across all major asset classes and markets. Our clients have access to a broad array of investment strategies and we have the capability to create bespoke solutions matched to clients' specific requirements.

Columbia Threadneedle is a people business and we recognise that our success is due to our talented people, who bring diversity of thought, complementary skills and capabilities. We are committed to providing an inclusive workplace that supports the diversity of our employees and reflects our broader communities and client-base. We welcome applications from returners to the industry.

We appreciate that work-life balance is an important factor for many when considering their next move so please discuss any flexible working requirements directly with your recruiter.

Job Purpose Statement

As an Information Security Analyst at Columbia Threadneedle Investments, you will be part of a team support structure which will enable you to build your knowledge of Information Security through training and guidance to increase your awareness and skills. As you develop in this role, you will be given additional responsibilities to not only deal with Incident Management but also feed into the day-to-day process used by the team for operational activity and incident triage.

You will be working with technical and user teams within the local team structure as well as leveraging our global team to reduce risk, ensure compliance with business policy and provide a regional view to the business leadership.

Role Responsibilities

How you'll spend your time ....

• Coordinated analysis of identified vulnerabilities and patch releases to ensure a risk-based approach is taken for remediation.
• Collaboration with technical teams for issue remediation in a timely manner.
• Oversight of user access reviews to ensure appropriate ownership; ensuring all reviews are completed on time, liaising with reviewers and review owners as required, and escalating where necessary.
• Oversight of the Joiners, Leavers and Transfer processes.
• Risk identification and remediation within the technical infrastructure through knowledge of Information Security and awareness of business policies.
• Monthly trend reports on Key Risk and Performance Indicators and (KRI's/KPI's).
• Extending the UK team presence for the global Cybersecurity team.
• Responding to identified Indicators of Compromise (IOC) events which effect the European and Asia regions.
• Proactive monitoring and analysis of information security system logs.

Key Capabilities

To be successful in this role you will have ....

• A basic understanding of infrastructure and application technology.
• You must have a desire to develop skills in all areas of IT security.
• Able to persuade and influence people.
• Good communication skills.
• This is a security job, so sometimes you'll have to work under pressure and show flexibility to meet tight deadlines.
• Worked in a technology environment.
• Have Information Security background knowledge through either experience or self-study.

Desired Capabilities

If you also had this, it would be great ....

• A continuous improvement mindset.
• A broad range of technology experience would be good (infrastructure, application, etc.)
• Evidence of a recognised Information Security qualification (Security+, CISSP or similar.)