Senior Information Security Analyst

Senior Information Security Analyst – 3-Month Remote Contract

💰 Rate: £36.03 per hour (umbrella)

🕐 Duration: 3 months

🌍 Location: Remote (UK-based)

🏢 Sector: Not-for-profit / Public Sector (confidential client)

Overview

We’re supporting a leading UK not-for-profit organisation in strengthening its information security posture following a major digital transformation.

They’re looking for an experienced Senior Information Security Analyst to provide immediate support across both technical security assurance and governance, risk, and compliance (GRC).

This is a hands-on delivery role, ideal for someone who’s comfortable working autonomously, assessing risk, and providing clear, practical advice to technical and non-technical teams alike.

Key Responsibilities

Security Governance & Risk

  • Conduct risk assessments across systems, suppliers, and projects.
  • Review and respond to security questionnaires and tenders.
  • Support remediation activities and maintain the Information Security Risk Register.
  • Contribute to maintaining compliance with ISO 27001, Cyber Essentials Plus, DSPT, and GDPR.

Technical Security Oversight

  • Review alerts, vulnerabilities, and incidents, providing risk-based recommendations.
  • Validate configurations across the Microsoft security stack (M365, Azure, Defender, DLP, Conditional Access).
  • Support vulnerability and patch management activities.
  • Provide input to technical change reviews and post-incident analysis.

Supplier Assurance

  • Conduct third-party risk assessments for new and existing suppliers.
  • Evaluate supplier evidence against internal standards and track high-risk findings.
  • Collaborate with procurement and legal on security clauses and data protection obligations.

Skills & Experience

✅ 5+ years’ experience in Information Security, combining technical and GRC work.

✅ Strong understanding of cloud and endpoint security (Microsoft-based environments).

✅ Experience conducting risk assessments and reviewing supplier assurance evidence.

✅ Familiarity with ISO 27001, Cyber Essentials Plus, DSPT, GDPR, and NCSC guidance.

✅ Ability to interpret vulnerability reports and advise on remediation priorities.

✅ Excellent written communication and stakeholder engagement skills.

Desirable

⭐ Certifications such as CISSP, CISM, CRISC, CEH, or Security+.

⭐ Experience in public sector, healthcare, or charity settings.

⭐ Familiarity with NCSC CAF and NHS DSPT frameworks.

Personal Attributes

  • Pragmatic, calm, and delivery-focused.
  • Strong integrity and attention to detail.
  • Confident working independently and making risk-based decisions.
  • Able to communicate clearly with senior stakeholders and technical teams alike.

If you’re an experienced Information Security Analyst who enjoys combining technical security insight with governance and assurance, this short-term remote contract offers an opportunity to make a meaningful impact.

📩 Apply now or message me directly for an informal chat.

Company
Creatify
Location
England, UK
Hybrid / WFH Options
Posted