Information Security Analyst

Moneybox
London
1 month ago
Create job alert

Moneybox is growing and maturing as a technology-led financial services business, all whilst the cyber threat landscape is constantly evolving. This role will be helping to implement and maintain a second line of defence Information Security function delivering across the breadth of the business. You will be able to combine technical expertise with strong personal qualities to effectively protect our information assets.

The role will suit an ambitious analyst who wants to drive and improve processes, take ownership, and champion security across the business.

What you'll do

  • Uphold and enforce information security standards and policies, serving as a primary resource for internal stakeholders championing all things Information Security across the business.
  • Assist Moneybox in achieving and maintaining industry-recognised certifications such as Cyber Essentials, NIST CSF, and, eventually, ISO 27001.
  • Identify and manage risks in accordance with the enterprise-wide risk framework to ensure the triage, review, and ongoing management of information security risks.
  • Conduct third-party due diligence to ensure Moneybox's standards are upheld throughout our supply chain.
  • Collaborate with Workplace Technology on vulnerability management, build reviews, user access reviews, and security controls to ensure the cybersecurity of our IT systems.
  • Maintain the Information Asset Register and other trackers to stay current on documentation and evidence of controls.
  • Triage and respond to information security incidents (e.g., phishing, lost laptops, DLP alerts) to maintain Moneybox's resilience against threats.
  • Act as a deputy for the Information Security Manager when necessary.
  • Collect information for governance meetings, attending and presenting as required.
  • Gather and disseminate actionable threat intelligence to keep information security current with new developments.
  • Develop and implement information security training and awareness initiatives to educate employees.
  • Operationalise and document new security processes as they are developed.
  • Provide information security input for Data Protection risk assessments.
  • Support compliance with regulatory requirements such as REP018, EBA Guidelines, and UK GDPR.

Who you are

  • A driven, ambitious individual who’s looking to build their career at an exciting fast-growing company.
  • A professionally inquisitive problem solver looking to enable the business to succeed without a heavy handed approach.
  • Able to adjust to new technologies, evolving threats, and changing regulations, remaining focused and effective during security incidents.
  • Naturally personable, great communicator who has a passion for their work and the people they work with.
  • Excited about being part of a fast-growing company that’s trying to make a positive mark on the world.
  • Knows how to have fun whilst maintaining a professional outlook.

Experience and Skills

  • Experience in information security management: This includes familiarity with industry-standard frameworks like NIST CSF, ISO 27001, or SOC2.
  • Knowledge of risk management methods and third party risk management (TPRM).
  • Practical knowledge of security technologies: The candidate should be comfortable with tools like Anti-Malware Solutions, DLP, Identity and Access Management, SIEM, and cloud technologies.
  • Understanding of financial services and their regulatory environment: to align security measures with industry-specific requirements.
  • Knowledge of the Software Development Lifecycle (SDLC): to help integrate security practices into the development process.
  • Understanding of Data Protection/Privacy and ICO regulatory requirements: to help signpost the business towards the data protection team.
  • Excellent communication and collaboration skills: The analyst must be able to clearly convey technical information to various stakeholders and work effectively across teams.

Visa Sponsorship:

At this time we cannot offer visa sponsorship for this role and we cannot consider overseas applications.

#LI-ND1

#J-18808-Ljbffr

Related Jobs

View all jobs

Information Security Analyst

Information Security Analyst

Information Security Analyst • London London

Information Security Analyst L1 ( Talent Pool )

Information Security Analyst 2

GRC Information Security Analyst

Get the latest insights and jobs direct. Sign up for our newsletter.

By subscribing you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

Jobs

Job-Hunting During Economic Uncertainty: Cyber Security Edition

The cybe rsecurity sector sits at the forefront of today’s digital landscape, defending businesses and governments alike from increasingly sophisticated threats. From incident response and network security to cloud protections and zero-trust architectures, cyber security professionals tackle an ever-evolving array of challenges. Yet, even this mission-critical field is not immune to economic turbulence. When broader financial markets experience uncertainty—whether through global recessions, regional downturns, or unexpected macro events—the hiring climate can shift, making roles more selective and budgets tighter. For job seekers in cyber security, this can be disconcerting. You might discover that once-abundant vacancies have become scarce, competition for the remaining positions is fiercer, or company priorities pivot away from large-scale expansions toward essential, cost-justified security projects. At the same time, data breaches and cyberattacks don’t pause during economic slowdowns—if anything, they may escalate as bad actors exploit organizational vulnerabilities. This paradox means that while the market feels tough, demand for cyber security expertise remains robust. In this article, we’ll look at: Why economic uncertainty affects cyber security hiring trends. Strategies for staying competitive, even if the number of open roles shrinks. Methods to highlight your skills, adapt to shifting priorities, and network effectively. Approaches for preserving mental well-being during prolonged searches or uncertain feedback loops. How www.cybersecurityjobs.tech can help you find the ideal security-focused role. By proactively sharpening your skill set, tailoring your professional profile, and engaging with a focused community, you can secure a rewarding cyber security job—even when the broader market feels volatile.

Careers

How to Achieve Work-Life Balance in Cyber Security Jobs: Realistic Strategies and Mental Health Tips

Cyber security is one of today’s most vital and rapidly expanding sectors. As data breaches, ransomware, and other cyber threats continue to evolve, the demand for skilled professionals is surging across industries—from finance and healthcare to government and e-commerce. Whether you’re a penetration tester, security analyst, or threat intelligence expert, you play a key role in safeguarding digital infrastructure and sensitive information. This high-stakes environment, however, often comes with intense pressure. Long hours, constant vigilance, and an ever-changing threat landscape can make it challenging to find time for personal well-being. Many cyber security specialists report difficulty striking a sustainable work-life balance, unsure if it’s even possible in a field that never truly sleeps. Yet, as concerns about mental health and burnout become more pressing, professionals and employers alike are seeking better ways to combine career advancement with a fulfilling personal life. In this comprehensive article, we’ll explore how to achieve a work-life balance in cyber security. You’ll discover strategies for managing 24/7 threat alerts, the importance of realistic expectations, ways to maintain mental health in high-intensity roles, and tips for setting boundaries without compromising your professional growth. Whether you’re new to this dynamic arena or already an established specialist, these insights can help you thrive personally and professionally in the fast-paced world of cyber security.

Careers

Transitioning from Academia to the Cyber Security Industry: How Researchers Can Harness Their Skills to Protect Commercial Environments

Cyber security has become a mission-critical field in an era where data breaches, ransomware attacks, and sophisticated hacking techniques threaten businesses and public institutions alike. As digital transformation touches nearly every facet of modern life, the need for highly skilled individuals capable of defending systems and networks continues to grow. For PhDs and academic researchers with expertise in areas like cryptography, network security, or threat intelligence, this presents an exciting opportunity to deploy your analytical prowess in a high-impact, fast-paced commercial setting. In this guide we’ll explore how academics can successfully pivot from the research lab to the cyber security industry. Learn how to apply rigorous, theory-driven approaches to real-world challenges, from designing secure software architectures to neutralising advanced persistent threats. By embracing the industry’s urgency and end-to-end mindset, you can transform your scholarly insights into robust, market-facing security solutions that protect companies and users on a global scale.

🍪 We use cookies to enhance your browsing experience on our website. By continuing to use this site, you consent to the use of cookies as described in our Cookie Policy. You can review our Cookie Policy for more information.