Information Security Analyst

Social network you want to login/join with:
Information Security Analyst, Kingston upon Hull, East Yorkshire Client: Cloud Decisions
Location: Kingston upon Hull, East Yorkshire, United Kingdom
Job Category: Other
EU work permit required: Yes
Job Views: 5
Posted: 31.05.2025
Expiry Date: 15.07.2025
Job Description: Upto £57,500 + Enterprise Benefits (Life Ins/Medical/Pension)
Fully Remote (UK only)
Please Note: NOT A CYBER SEC TECHNICAL ROLE
Be part of their high growth Information Security plans as they build the team to x4
Cloud Decisions has partnered with one of the UK’s most exciting enterprise technology transformations: a £multi-billion, employee-owned group, one of the top 10 largest employee-owned businesses in the UK, and one of the largest global players in insurance across 100+ countries.
Following a wave of acquisitions and continued digital modernisation and compliance, they’re hiring an Information Security Assurance Analyst who understands controls & compliance with security regulations and standards. The role involves working in a small, high-trust team, working autonomously to build InfoSec capability, ensuring regulatory compliance, information security maturity, and readiness for audits, tenders, or risk reviews.
Control/Compliance Assessment Duties: Schedule and Coordinate Assessments: Coordinate control assessments with control owners, asset custodians, and third parties.
Evaluate Controls: Assess design and effectiveness of security controls against policies and standards.
Documentation Maintenance: Keep documentation of assessments and remediation activities up to date.
Organise Control Evidence: Ensure control evidence is organized and accessible.
Notify Deviations: Notify relevant parties of deviations from processes and procedures.
Risk Analysis Reports: Write reports on the impact of control gaps on risks.
Communicate Findings: Share issues with security leadership clearly.
Dashboard and Reporting Input: Update dashboards and reports with current data.
System Security Plans (SSPs): Support documentation of security requirements for systems, including controls and ongoing monitoring.
Compliance/Control Improvement Duties: Update Processes: Lead efforts to address process gaps.
Enhance Procedures: Improve procedures and develop tests with control owners.
Propose Enhancements: Suggest control improvements through formal channels.
Reporting Support: Assist with regular reporting on control assessments.
Audit/Assessment Duties: Third-Party Due Diligence: Manage due diligence requests, document deficiencies, and liaise for resolution.
Audit Preparation and Support: Prepare evidence and respond to audit inquiries and findings.
InfoSec effectiveness - collaboration/continuous improvement: Continuous Improvement: Identify and implement process improvements.
Training and Development: Train team members and stakeholders on assessment practices.
Vendor Management: Ensure vendors have BCDR plans and assess their capabilities regularly.
Knowledge of DORA, PCDSS, SARBOX is beneficial but not essential.

#J-18808-Ljbffr