Example Information Security Analyst Job Description

Job Descriptions Past roles on La Fosse. NB - These roles are expired and for examples of job descriptions for informational purposes and guidance only.

Information Security Analyst – GRC

  • Location: Leeds
  • Sector: Change and Transformation
  • Job type: Contract
  • Job functions: Mid-Level, GDPR
  • Industry sector: Professional services
  • Salary: £500 – £600 per day

Currently working with a professional services business to look for an InfoSec Analyst GRC on an initial 6 month contract.

They will help implement and write policies for their security transformation programme and will be driving the delivery of consistent, high quality security assurance and controls.

The role is hybrid with as and when required in their Leeds office and is paying up to £600 per day! The role is inside IR35.

Information Security Analyst

  • Location: Liverpool
  • Sector: Information Security
  • Job type: Permanent
  • Job functions: Chief Data Security Officer
  • Salary: £40000 – £45000 per annum + + package

My client are currently looking for an Information Security professional, with a solid background in Governance, Risk & Complaince (GRC) and/or technical security on a permanent basis.

Reporting into the Security Manager this role will play a key role in the development of my client’s security posture / journey. They are looking for someone at a who can hit the ground running and can lead things from an information security perspective, including; management of the ISMS, implementing security standards and operating procedures, incident response and analysis of alerts.

This is a fantastic opportunity to join an international brand, in which you will be well supporting in developing your career in IT Security & GRC.

Skill Requirements:

  • A proven information security professional
  • Experience with standards such as PCI-DSS, GDPR, ISO.
  • Experience supporting security policies and frameworks
  • Strong understanding of fundamental information security concepts and technology
  • Technical security and/or infrastrcuture knowledge
  • Experience in Agile delivery environments.
  • Outgoing and able to build relationships with key stakeholders.

Information Security Analyst – Key Asset Risk Management

  • Location: London
  • Sector: Governance, Risk & Compliance
  • Job type: Contract
  • Industry sector: Analytics
  • Job functions: Information Security Project Manager, Risk Analyst, Security Compliance
  • Salary: £500 – £550 per day + Inside IR35

Global Analytics Company based in London are looking for a contractor for an initial 6 months for an Information Security Analyst position to focus on Key Asset Risk Management. This contract will be part of the GRC Transformation Team who focus on risk impact to the business.

The deliverables of the Information Security Analyst will be:

Qualities:

  • Work with the team to improve security posture for the business and reduce their risk profile
  • Provide additional protection to the firm’s sensitive and critical assets
  • Work closely with the SOC, Product Security and Enterprise Security teams to investigate and review the key assets
  • Once the investigations are completed drive risk impact reduction activity
  • Properly segment key assets and that they have privileged access
  • Work with the GRC Team on risk management, technical risk assessments, vendor risk management and security assurance.

Skills and experience:

The ideal contractor will have prior experience in:

  • Security Risk and Asset Management
  • Technical Segmentation
  • Hands on experience with Risk Management Frameworks
  • Knowledge and understanding of Privileged Access Management, Patch Management, SOC Visibility and Business Continuity
  • Strong stakeholder management experience
  • Excellent written communication skills to articulate risk
  • Developed theoretical knowledge of OWASP
  • Desirable to have worked in a Global Pharmaceutical Company but will look at candidates with Global Business experience
  • Knowledge of Control/Vulnerability Assessment and Penetration Testing methodologies

Information Security Analyst

  • Location: West Sussex
  • Sector: Information Security
  • Job type: Contract
  • Industry sector: Manufacturing
  • Job functions: Security Analyst, Cyber Security Analyst
  • Salary: £350 – £400 per day + Outside IR35

Global Manufacturing Company have recently appointed a new Head of Security who is looking to improve the Security function and hiring in multiple contractors and permanent staff across the Globe for Change & Transformation, GRC and Architecture. The Information Security Analyst will be an initial 6 month contract, outside IR35 which is mostly remote but will require you to go to the office twice a month in West Sussex.

THE ROLE

The Information Security Analyst will work with the Head of Security and Information Security Consultant to develop the ISMS for the business. This will involve:

  • Running a gap analysis on the current policies, procedures and standards in place
  • Improve and create new policies, procedures and standards in line with both ISO27001 and NIST
  • Roll out the new policies, procedures and standards to the busineses

YOU

The ideal candidate will currently be working in a broad Security GRC role for a Global Business and have proven ability to write policies, procedures and standards. You also will have strong knowledge of both ISO27001 and NIST. Stakeholder management experience will be essential as you will be working with people at various levels of the business.

Information Security Analyst – Compliance

Renowned Retail Business are looking for an Interim Information Security Analyst to work on their governance, risk and controls for an initial 6 month contract. You will report into the Head of Information Security and be responsible for monitoring and assurance, advisory services and risk management. Please note this role will require 2 days a week in the office and isinside IR35.

THE ROLE

The Information Security Analyst will be responsible for:

  • Ensure Information Security requirements are understood and under management within the Compliance Framework
  • Ensure that developments to the Information Security framework (ISO27001) are effectively communicated to the business and Senior Stakeholders
  • Develop and advise on the implementation of Information Security policies and standards across the business
  • Inform and provide advice to the business and its employees about their responsibilities in regards to PCI-DSS and other security related frameworks (ISO27001) and controls (CIS).

YOU

The ideal candidate will have prior experience in:

  • An Information Security GRC position and has strong knowledge of ISO27001, NIST and PSI-DSS
  • Has strong policy writing experience
  • Can communicate to Senior Stakeholders about Information Security.
  • Can work in a fast paced environment

View all jobs