1 to 25 of 26 Information Security Analyst Jobs in the UK

Information Security Compliance Analyst Permanent Salary: Negotiable Hybrid - Hertfordshire As an Information Security Compliance Analyst, you will support the development and maintenance of the EMEA wide information security management system in accordance with Global EIT strategy, EMEA business requirements and relevant information security legislation, including NIS 2, AI Act and … adherence by the EMEA EIT department to all relevant legislation and regulations, including but not limited to Health and Safety, Financial and Privacy laws. Main duties/responsibilities: Conduct information security, information system, and compliance-based risk assessments, evaluate responses and recommend risk treatment actions Develop and execute risk mitigation plans in conjunction with relevant internal and … external stakeholders/groups and to agreed timescales, following through to completion Support the creation, implementation and maintenance of information security policies and standards, in accordance with ISO 27001 other relevant frameworks and standards (NIST CSF, IEC 62443, CIS, GDPR etc.) Maintain the department’s information security procedures, including but not limited to information security More ❯

Information Security Analyst | Hybrid | Contract | Northampton My client is looking for an Information Security Analyst/GRC Analyst to be a part of their growing security team. The successful candidate will play a pivotal role in ensuring compliance with data protection regulations, supporting the Information Security Management System ISMS, and … maintaining robust governance, risk, and compliance GRC processes. Key Responsibilities on the Information Security Analyst: Manage and respond to Subject Access Requests SARs in accordance with GDPR timelines and procedures. Oversee Right to Be Forgotten and data deletion requests, ensuring complete and compliant execution. Support the wider GRC and Information Security team in data protection … and risk management activities. Help maintain the Information Security Management System ISMS Provide expert advice on GDPR compliance and data subject rights. Provide expert guidance on data classification, retention, and information governance best practices. Information Security Analyst Experience/Technology: Proven experience in GRC and Information security. Extensive expertise of GDPR, SAR, and More ❯

Information Security Compliance Analyst 12 Month FTC Hatfield - Hybrid As an Information Security Compliance Analyst, you will Support the development and maintenance of the EMEA information security management system, ensuring compliance with Global EIT strategy, EMEA business needs, and relevant legislation (e.g NIS 2, AI Act, GDPR). Maintain ISO … equivalent - essential. CISM and/or CISSP or other relevant certification is highly desirable ISO 27001:2022 Lead Implementer/Auditor certification is highly desirable Demonstratable experience in an Information Security, IT Governance, Risk and Compliance based role, including maintaining and continually improving an ISO 27001 compliant management system. Experience of information security management and/… or security awareness. Good knowledge of industry standard frameworks and best practices – ISO 27001: 2022, NIS2, AI Act etc. and their practical application in a corporate environment to ensure all elements of integrity, availability and confidentiality are adhered to. Extensive experience conducting information security risk assessments, reporting risks Experience of developing, implementing, managing, and maintaining Information More ❯

Job Title: Senior Information Security Analyst – Remote/Home-Based Location: Remote/Home-Based (Hybrid as required) Type: Initially 3 months - potential to extend Salary: 34.50 UMB per hour (£26 PAYE)On behalf of our client, We are seeking an experienced Senior Information Security Analyst to provide immediate support to their Information Security team. This hybrid role combines technical security analysis with governance, risk, and compliance (GRC) activities, offering a unique opportunity to influence and maintain the organisation’s security posture. About the Role: The successful candidate will assess risks, review supplier and project security documentation, respond to security questionnaires and tenders, support incident investigations, and … guidelines. This is a hands-on delivery role requiring someone who can work independently, make sound judgments, and communicate effectively with both technical and non-technical stakeholders. Key Responsibilities: Security Governance & Risk Conduct security risk assessments for systems, projects, and suppliers, documenting findings consistently. Review, respond to, and attest security questionnaires and tender submissions. Support and track More ❯

Information Security Analyst - FinTech - £70K Our client is a growing London SaaS company, working with clients across tech, trading, pharma and ecommerce around the world. Offering hybrid working, they’re looking for an experienced Information Security/Cyber Security Analyst/Engineer to join them. You’ll work directly with the CTO, CRO … and IT teams to create and deliver security strategies, an information security framework and risk mitigation plans for the company. You’ll be involved in everything from security assessments, threat modelling and penetration testing to triage of security events, ownership of policies and procedures and even working with development and engineering teams to drive application … security and DevSecOps. This is the ideal job for an Information Security professional wanting real ownership over their work, in a small, growing company where they can be a subject matter expert. Requirements: Proven experience as an Information/Cyber Security Analyst (or equivalent) Broad cyber and information security (InfoSec) experience Knowledge More ❯

Information Security Analyst - £80K Our client is a leading Software-as-a-Service (SaaS) development company – They build bespoke Big Data solutions for financial services, pharma and ecommerce client around the world. Offer great remote/hybrid flexible working, they’re looking for an experienced Cyber Security Analyst to join them. You’ll work directly … with the CSO and SOC team to create and deliver the security strategy, information security framework and risk mitigation activity for the company. You’ll have the chance to be involved in everything from security assessments and threat modelling to triage of security events, ownership of policies ad procedures and even working with development and … engineering teams to drive application security. Requirements: Proven experience as an Information/Cyber Security Analyst Certified Information Security Manager (CISM) or Certified Information Systems Auditor (CISA) or equivalent Extensive cyber and information security (InfoSec) experience Experience of working in demanding, environments Good undersyanding of Windows, Cloud and IT infrastructure Excellent communication More ❯

Information Security Analyst - £80K Our client is a leading Software-as-a-Service (SaaS) development company – They build bespoke Big Data solutions for financial services, pharma and ecommerce client around the world. Offer great remote/hybrid flexible working, they’re looking for an experienced Cyber Security Analyst to join them. You’ll work directly … with the CSO and SOC team to create and deliver the security strategy, information security framework and risk mitigation activity for the company. You’ll have the chance to be involved in everything from security assessments and threat modelling to triage of security events, ownership of policies ad procedures and even working with development and … engineering teams to drive application security. Requirements: Proven experience as an Information/Cyber Security Analyst Certified Information Security Manager (CISM) or Certified Information Systems Auditor (CISA) or equivalent Extensive cyber and information security (InfoSec) experience Experience of working in demanding, environments Good undersyanding of Windows, Cloud and IT infrastructure Excellent communication More ❯

Information Security Analyst Location: Redditch Working Pattern: Hybrid Salary: £28,500 - £33,000 Are you passionate about protecting organisations from evolving cyber threats? Do you thrive in a fast-paced environment where security and innovation go hand-in-hand? We’re looking for an enthusiastic Information Security Analyst to join our growing IT … team and play a vital role in safeguarding our business operations and information assets. What You’ll Be Doing In this role, you will: Monitor, analyse and respond to outputs from key security systems including SIEM, email security and endpoint protection tools Assist in the investigation and triage of security alerts and incidents Carry out regular … vulnerability scanning, remediation planning, and support internal/external security audits Maintain and improve information security documentation and contribute to the continual advancement of our ISMS Support business continuity and disaster recovery planning and testing Get involved in exciting IT projects across the wider business Promote a strong security culture throughout the organisation Stay on the More ❯

organisations adapt, grow, and thrive in an ever-evolving world by building, shaping, and optimising diverse talent strategies. On behalf of Tesco IMS, AMS are now looking for a Information Security Analyst for a 6 month contract. We offer a hybrid working model, giving you the choice to collaborate in person from either the London or Edinburgh … they're helping their customers or looking after their people, you'll find there's a warmth and friendliness to everything they do. Key responsibilities: You will support the Information Security Manager in executing Tesco IMS's Supplier Security Assurance activities. Perform information security reviews on suppliers to help safeguard Tesco's systems and data. … Conduct information security risk assessments on suppliers and classify them as high, medium or low risk. Review our information security questionnaires completed by suppliers to determine whether supplier has appropriate controls in place. Where required, raise findings to be discussed with the supplier. Agree remediation plans and target dates for completion. Skills and Qualifications: Good experience More ❯

Senior Information Security Analyst - Watford £28.00 ph Contract Full time Overall purpose We are seeking an experienced Senior Information Security Analyst to provide immediate support to the Information Security team. This role is a hybrid of technical security analysis and governance, risk, and compliance (GRC)activities. The successful candidate will play … a key role in assessing risks, reviewing supplier and project security documentation, responding to security questionnaires and tenders, supporting incident investigations, and helping to maintain AFC s security posture and compliance with relevant standards (Cyber Essentials Plus, ISO 27001, DSPT, GDPR, NCSC). This is a hands-on delivery role for someone who can work independently, make … stakeholders. Essential (please do not apply if you do not have all of these as you will not be considered for interview) Minimum 5 years hands-on experience in Information Security Experience conducting security risk assessments Supplier/third-party security assurance Strong technical grounding Incident response collaboration Knowledge of compliance frameworks Strong written communication skills More ❯

Senior Information Security Analyst - Watford £28.00 ph Contract Full time Overall purpose We are seeking an experienced Senior Information Security Analyst to provide immediate support to the Information Security team. This role is a hybrid of technical security analysis and governance, risk, and compliance (GRC)activities. The successful candidate will play … a key role in assessing risks, reviewing supplier and project security documentation, responding to security questionnaires and tenders, supporting incident investigations, and helping to maintain AFC's security posture and compliance with relevant standards (Cyber Essentials Plus, ISO 27001, DSPT, GDPR, NCSC). This is a hands-on delivery role for someone who can work independently, make … stakeholders. Essential (please do not apply if you do not have all of these as you will not be considered for interview) Minimum 5 years' hands-on experience in Information Security Experience conducting security risk assessments Supplier/third-party security assurance Strong technical grounding Incident response collaboration Knowledge of compliance frameworks Strong written communication skills More ❯

Senior Information Security Analyst - Watford £28.00 ph Contract Full time Overall purpose We are seeking an experienced Senior Information Security Analyst to provide immediate support to the Information Security team. This role is a hybrid of technical security analysis and governance, risk, and compliance (GRC)activities. The successful candidate will play … a key role in assessing risks, reviewing supplier and project security documentation, responding to security questionnaires and tenders, supporting incident investigations, and helping to maintain AFC’s security posture and compliance with relevant standards (Cyber Essentials Plus, ISO 27001, DSPT, GDPR, NCSC). This is a hands-on delivery role for someone who can work independently, make … stakeholders. Essential (please do not apply if you do not have all of these as you will not be considered for interview) Minimum 5 years’ hands-on experience in Information Security Experience conducting security risk assessments Supplier/third-party security assurance Strong technical grounding Incident response collaboration Knowledge of compliance frameworks Strong written communication skills More ❯

Information Security Analyst Up to £200 per day (Inside IR35) | 3 Month Contract | Fully Remote Working Our client are seeking an experienced Information Security Analyst to provide immediate support to the Information Security team. This role is a hybrid of technical security analysis and governance, risk, and compliance (GRC)activities. The … successful candidate will play a key role in assessing risks, reviewing supplier and project security documentation, responding to security questionnaires and tenders, supporting incident investigations, and helping to maintain security posture and compliance with relevant standards (Cyber Essentials Plus, ISO 27001, DSPT, GDPR, NCSC). This is a hands-on delivery role for someone who can work … independently, make sound judgements, and communicate clearly with both technical and non-technical stakeholders. Key Responsibilities Security Governance & Risk Technical Security Oversight Supplier and Third-Party Security Assurance Advisory and Awareness Desirable Relevant certifications such as CISSP, CISM, CRISC, CEH, CompTIA Security+, or equivalent experience. Experience working in healthcare, charity, or public sector environments. Familiarity with NCSC More ❯

Information Security Compliance Analyst Location: Central London (Hybrid, 2 days in office per week) Type: Permanent, Full-time An exciting opportunity for an analytical and detail-oriented Information Security Compliance Analyst to join a growing, dynamic team supporting clients in the legal sector. This role offers broad exposure to information security frameworks … compliance standards, and client advisory work. Key Responsibilities Develop and maintain security documentation, policies, and onboarding materials aligned with ISO 27001 and related frameworks. Support implementation of compliance frameworks and assist clients in developing their own controls and policies. Manage and respond to security questionnaires, due diligence requests, and vendor assessments. Provide guidance to clients on information security and compliance requirements. Maintain accurate records, reporting, and documentation for internal and client use. About the Candidate Ideal for a motivated individual early in their career, possibly from a technical support, legal, or professional services background. Candidates should have: A foundational understanding of information security frameworks (ISO 27001, SOC 2, Cyber Essentials). Strong written More ❯

Lead Information Security Analyst We’re partnering with a leading digital business that takes cyber risk seriously. Their InfoSec team is award-winning, collaborative, and one of the most gender-diverse in the industry. They’re looking for a Lead Information Security Analyst to strengthen their security governance, risk, and compliance functions — ensuring … customer data and company systems remain secure while leading a small, capable team of analysts. What you’ll be doing: • Leading and supporting all aspects of security governance activities – from policy and exception management to risk and vendor assessments • Managing compliance and audit activities (ISO 27001, NIST, PCI DSS, NYDFS, etc.) and working closely with tech, legal, and audit … teams • Overseeing major projects to ensure security is baked in from inception to implementation • Coaching and developing a team of Information Security Analysts, fostering a proactive and high-performing culture • Acting as a hands-on leader who can balance strategy, delivery, and stakeholder engagement What you’ll bring: • Strong background in GRC (Governance, Risk, and Compliance) within More ❯

Senior Information Security Analyst - Watford £28.00 ph Contract Full time Overall purpose We are seeking an experienced Senior Information Security Analyst to provide immediate support to the Information Security team click apply for full job details More ❯

Affinity Water has a exciting opportunity available to work in our Cyber Security Team as a Operational Technology Information Security Analyst. The Role: As a Operational Technology Information Security Analyst will be responsible for safeguarding the organisation's Operational Technology (OT) environments from cyber threats. This role involves implementing OT security measures, monitoring … the OT network for threats, leading incident response efforts, validating security controls, and ensuring the resilience of OT systems. What you'll be doing: Implement and manage OT security controls, measures, and technologies to protect critical assets and systems. Conduct risk assessments, vulnerability management, and security testing. Develop and implement incident response plans and ensure compliance with … regulations. Conduct proactive threat hunting and reactive incident response. Provide regular reports on security status, including incidents, vulnerabilities, and overall health of OT systems. Collaborate with cross-functional teams, including network engineers, system administrators, and external cybersecurity teams. What you'll need: At least 3 years of experience in OT security engineering, incident response, or a related field. More ❯

Type: PermanentLocation: Hybrid Overview: We are looking for a detail-oriented and proactive Information Security Compliance Analyst to join our team on a permanent basis. This role is pivotal in supporting the development and continuous improvement of our global information security compliance program.You will be responsible for ensuring that all corporate and subsidiary operations comply … with internal security policies, regulatory requirements, and internationally recognised frameworks such as ISO27001, NIST, SOX, GDPR, CMMC, amongst others. Key Responsibilities: Support the execution and enhancement of the global information security compliance program. Conduct internal audits, third-party risk assessments, and due diligence reviews. Ensure alignment with regulatory and industry standards including ISO27001, NIST, SOX, GDPR, SOC … HIPAA, CCPA, LGPD. Collaborate with cross-functional teams across multiple jurisdictions to drive compliance initiatives. Identify gaps in security controls and recommend corrective actions. Maintain and update security policies, procedures, and documentation. Monitor changes in global regulations and assess their impact on business operations. Minimum of 3 years experience. Skills Required: Proven experience in information security More ❯

Type: PermanentLocation: Hybrid Overview: We are looking for a detail-oriented and proactive Information Security Compliance Analyst to join our team on a permanent basis. This role is pivotal in supporting the development and continuous improvement of our global information security compliance program.You will be responsible for ensuring that all corporate and subsidiary operations comply … with internal security policies, regulatory requirements, and internationally recognised frameworks such as ISO27001, NIST, SOX, GDPR, CMMC, amongst others. Key Responsibilities: Support the execution and enhancement of the global information security compliance program. Conduct internal audits, third-party risk assessments, and due diligence reviews. Ensure alignment with regulatory and industry standards including ISO27001, NIST, SOX, GDPR, SOC … HIPAA, CCPA, LGPD. Collaborate with cross-functional teams across multiple jurisdictions to drive compliance initiatives. Identify gaps in security controls and recommend corrective actions. Maintain and update security policies, procedures, and documentation. Monitor changes in global regulations and assess their impact on business operations. Minimum of 3 years experience. Skills Required: Proven experience in information security More ❯

Role Overview Our client is seeking an experienced, hands on Senior Information Security Analyst to support both their technical security work and governance, risk and compliance (GRC). You will assess risks, review supplier and project security, respond to security questionnaires and tenders, support incident investigations, and help maintain compliance with Cyber Essentials Plus … ISO 27001, DSPT and GDPR. Responsibilities Conduct risk assessments for systems, projects and third parties; document findings and remediation. Review and respond to supplier/security questionnaires and tender submissions. Support vulnerability and patch management; interpret scans and prioritise fixes. Advise IT teams on alerts, incidents and security configuration (M365/Azure/Defender/DLP/Conditional … Access). Maintain risk register and track remediation actions from audits or incidents. Support compliance activities (ISO 27001, Cyber Essentials Plus, DSPT) and contribute to policy updates. Provide clear security advice to projects and senior stakeholders. What you'll need to succeed Proven experience in information security, with a blend of technical and GRC responsibilities. Strong understanding More ❯

Affinity Water has a exciting opportunity available to work in our Cyber Security Team as a Operational Technology Information Security Analyst. The Role: As a Operational Technology Information Security Analyst will be responsible for safeguarding the organisation's Operational Technology (OT) environments from cyber threats click apply for full job details More ❯

Information Security Assurance, Compliance Analyst – Staffordshire We’re looking for an experienced Information Security Compliance & Assurance Analyst to own a brand-new role with real scope to make an impact. Are you ready to take the lead in keeping data secure and driving compliance across a growing organisation? You’ll build frameworks from scratch … the confidence to influence change across teams. This is your chance to shape the role globally, implement meaningful improvements, and leave a lasting mark on a company that values security and compliance. This is an exciting opportunity to work on both audits and the development of innovative programmes within a well-established organisation that offers excellent prospects for career … progression and development. For more information, get in touch. More ❯

Role Overview Our client is seeking an experienced, hands on Senior Information Security Analyst to support both their technical security work and governance, risk and compliance (GRC). You will assess risks, review supplier and project security, respond to security questionnaires and tenders, support incident investigations, and help maintain compliance with Cyber Essentials Plus More ❯

We are looking for an Information Governance/Security Analyst to support one of our NHS customers in the North West. Key Responsibilities: Essential Functions Establishment - Review Trust-wide populated BCPs to identify systems, suppliers, their function, criticality, and interdependencies. - Formalise the Trust Essential Functions Register, populating the NHSE DSPT Essential Function Template with supporting policies and … the central Data Agreement Register. - Review contracts for: - Cybersecurity clauses - Right to audit - Data protection clauses - Incident breach notification requirements - Details of sub-processors - Review contracts for technical and security risks. - Document supplier certifications and ensure records are in date. More ❯

Looking to move away from retail, hospitality or shift work – and build a career that actually gives you long-term stability and flexibility? Cyber Security is one of the fastest-growing industries in the world, and you don’t need prior IT experience to get started. Our Cyber Security Career Programme is designed for people who want to … hours of live, instructor-led online training. Everything is built around practical learning, so you’ll get real-world project work that prepares you for what happens in real security environments. We help people at every stage of their career journey. Many of our students come from completely different backgrounds – sales, retail, customer service – and go on to land … ready to move into a career that pays better, helps you grow faster, and can be done from anywhere, this is your next step. Interested to start your Cyber Security journey? Click below. More ❯