Information Security Analyst – London (Hybrid)
£50,000 - £60,000 + Bonus + Benefits
Locke & McCloud are looking for a talented Information Security Analyst to join our client. An innovative and forward-looking international organisation with a robust presence across multiple global locations. Our mission is to provide top-tier services through a comprehensive understanding of our clients' needs, market sectors, and the broader issues shaping the future of business. We are committed to helping our clients navigate complex challenges and seize new opportunities with agility and insight.
Main Responsibilities:
Develop, maintain, and publish documentation for the Information Security Management System (ISMS), including processes, procedures, and guidelines to ensure governance and continual improvement.
Maintain compliance with ISO 27001 and adapt the ISMS to meet the evolving structure and requirements of ISO 27002:2022 and other relevant standards.
Expand the scope of ISO 27001 certification to include international entities, focusing on local processes, risks, controls, audits, and management reviews.
Collaborate with various departments to conduct and regularly review information security risk assessments and treatment plans.
Plan and perform periodic internal audits and compliance activities, support internal and external security audits, and implement required remediation activities.
Investigate and triage security incidents, using monitoring tools and scanning/test results to identify potential weaknesses, threat patterns, and trends.
Ensure resolution and root cause analysis of security incidents, coordinating remediation activities to track and close potential security breaches, attacks, or policy violations.
Respond to customer requests regarding information security compliance, controls, and contractual measures.
Conduct supplier due diligence, monitor and regularly review supplier performance, including supplier audits.
Stay updated on security industry trends and evaluate new and emerging security technologies, providing recommendations to stakeholders.
To be considered for this role, you should have:
Proven experience in a similar role with professional certification in Information Security (e.g., CISSP, CISMP, Lead ISMS Implementer or Auditor).
Auditor training in ISO management systems, preferably ISO 27001, though experience with other relevant standards is also considered.
Familiarity with certifications and standards such as ISO 27001, Cyber Essentials (plus), ISO 22301, and NIST controls.
Strong interest in cybersecurity and technology, with awareness of IT security measures and cloud security/services, particularly Azure and Office 365.
Practical or theoretical knowledge of security protocols and tools like ZScaler.
Strong interpersonal and communication skills, both spoken and written, with the ability to work with and influence stakeholders at all levels.
Broad consultancy skills including problem solving, change management, influencing, communication, research, data collection and analysis, process mapping, creative thinking, and negotiation.
Effective thinker and planner with a good understanding of organizational goals and objectives.
Attention to detail in task planning, execution, and communication.
Ability to present ideas in a business-friendly and user-friendly manner across multiple geographies.
Highly organized and focused on outcomes.
Proactive in addressing challenges, with a positive attitude towards work and making a meaningful contribution.
Ability to prioritize and execute tasks effectively in a fast-paced environment.
Our client offers a great working environment with various progression plans to suite your career goals, in addition to a generous benefits package including a 10% bonus, family private healthcare, a generous pension scheme, 25 days of annual leave, share options, flexible working options, and more.
If this role is of interest, please apply or reach out to Jacob – 07893921057/j.collen@lockemccloud.com
Locke & McCloud are the UK’s leading cyber security & information security staffing company – through having a sole focus on the cyber & information security space we have been able to foster solid relationships with some of the UK’s most exciting cyber security consultancies & end users. Our focus on the information security space allows us to be able to help you find the most exciting.