2 of 2 Permanent Security Analyst Jobs in Surrey

Role: Information Security Analyst Location: Guildford (Hybrid options available) Salary: Circa £45,000 (plus comprehensive benefits package) Start date: ASAP My client, a leading financial services organisation, is looking for an Information Security Analyst to join their team. This is an excellent opportunity to play a key role in advancing the company's security posture … by delivering Governance, Risk, and Compliance (GRC) initiatives and embedding the NIST Cyber Security Framework (CSF) across the business. Key skills/responsibilities: Deliver day-to-day GRC activities, including designing and implementing security controls and managing information security risks Interpret and apply requirements from the Group Information Security Framework Conduct gap assessments, identify risks, and … support maturity uplift across security functions Develop and maintain an information security controls catalogue, policies, and procedures aligned with NIST CSF Collaborate with business units to integrate security measures into operations Support compliance activities for frameworks such as Cyber Essentials, PCI DSS, and the Group Information Security Framework Facilitate reviews and updates to ensure controls remain More ❯

Information Security Senior Analyst Location: Surrey (Hybrid) Our client, a large corporate organisation based in Surrey, is seeking an Information Security Senior Analyst with experience of Risk & Controls to join their team. The successful candidate will have proven experience in risk management, controls, and governance frameworks, who can lead initiatives, mentor others, and collaborate effectively across … business units. You should be both strategic and hands-on, with a passion for proactive security and continuous improvement. Responsibilities: Lead the InfoSec risk register - Identify, assess, and mitigate information security risks. Own control frameworks - Maintain and improve controls to ensure alignment with standards like NIST CSF and COBIT. Drive assurance - Monitor the effectiveness of security controls … including outcomes of penetration testing and red team exercises. Collaborate with business units - Act as a security advocate and guide cross-functional teams in secure practices. Lead technical initiatives - Provide hands-on leadership and mentor more junior team members. Conduct threat and vulnerability assessments - Take a proactive role in identifying potential security threats. Skills and experience required: Strong More ❯