Guildford, Surrey, England, United Kingdom Hybrid / WFH Options
Sanderson
Role: InformationSecurityAnalyst Location: Guildford (Hybrid options available) Salary: Circa £45,000 (plus comprehensive benefits package) Start date: ASAP My client, a leading financial services organisation, is looking for an InformationSecurityAnalyst to join their team. This is an excellent opportunity to play a key role in advancing the company's security posture by delivering Governance, Risk, and Compliance (GRC) initiatives and embedding the NIST Cyber Security Framework (CSF) across the business. Key skills/responsibilities: Deliver day-to-day GRC activities, including designing and implementing security controls and managing informationsecurity risks Interpret and apply requirements from the Group InformationSecurity Framework Conduct gap … assessments, identify risks, and support maturity uplift across security functions Develop and maintain an informationsecurity controls catalogue, policies, and procedures aligned with NIST CSF Collaborate with business units to integrate security measures into operations Support compliance activities for frameworks such as Cyber Essentials, PCI DSS, and the Group InformationSecurity Framework Facilitate reviews More ❯
Surrey, England, United Kingdom Hybrid / WFH Options
Sanderson
InformationSecurity Senior Analyst Location: Surrey (Hybrid) Our client, a large corporate organisation based in Surrey, is seeking an InformationSecurity Senior Analyst with experience of Risk & Controls to join their team. The successful candidate will have proven experience in risk management, controls, and governance frameworks, who can lead initiatives, mentor others, and collaborate … effectively across business units. You should be both strategic and hands-on, with a passion for proactive security and continuous improvement. Responsibilities: Lead the InfoSec risk register - Identify, assess, and mitigate informationsecurity risks. Own control frameworks - Maintain and improve controls to ensure alignment with standards like NIST CSF and COBIT. Drive assurance - Monitor the effectiveness of … security controls, including outcomes of penetration testing and red team exercises. Collaborate with business units - Act as a security advocate and guide cross-functional teams in secure practices. Lead technical initiatives - Provide hands-on leadership and mentor more junior team members. Conduct threat and vulnerability assessments - Take a proactive role in identifying potential security threats. Skills and More ❯
Senior InformationSecurityAnalyst We are looking for a Senior InformationSecurityAnalyst with a strong operational background with a focus on Cyber Security and a working knowledge of GRC to be part of a central team supporting a mixture of security operations ensuring compliance with business needs. This will focus around … vulnerability and threat management, making sure security controls are functioning, mentorship of junior members and working being part of a 24 x 7 remote support rota. If you have experience of working in Cyber Securityand are keen to make a difference here is what we are looking for: Significant experience of working in a security related role, with … demonstrable experience within an operational aspect with extensive vulnerability and threat management. A strong understanding of Risk Assessment frameworks and methodologies. The ability to explain complex security issues in a fashion that could be understood by non-technical people. Knowledge of cloud security, with a knowledge of Azure/O365 Possess a knowledge of various technologies, how they More ❯
Senior InformationSecurityAnalyst We are looking for a Senior InformationSecurityAnalyst with a strong operational background with a focus on Cyber Security and a working knowledge of GRC to be part of a central team supporting a mixture of security operations ensuring compliance with business needs. This will focus around … vulnerability and threat management, making sure security controls are functioning, mentorship of junior members and working being part of a 24 x 7 remote support rota. If you have experience of working in Cyber Securityand are keen to make a difference here is what we are looking for: Significant experience of working in a security related role, with … demonstrable experience within an operational aspect with extensive vulnerability and threat management. A strong understanding of Risk Assessment frameworks and methodologies. The ability to explain complex security issues in a fashion that could be understood by non-technical people. Knowledge of cloud security, with a knowledge of Azure/O365 Possess a knowledge of various technologies, how they More ❯
We are recruiting for a Senior InformationSecurityAnalyst to join an established security team within a highly respected organisation that makes a real difference. This is a hybrid role with a balance of operational and governance responsibilities. Kent (Hybrid – 2 days office) What we are looking for: A Senior SecurityAnalyst to lead … security operations and incident response Someone to assure security controls, manage vulnerabilities, and maintain policies A mentor to support junior analysts while contributing to governance and compliance work Strong technical background – SOC, incident response, threat intelligence or security engineering Experience with Microsoft Security tools (Sentinel, Defender, etc.) Knowledge of governance, risk and compliance frameworks (PCI, FCA More ❯
We are recruiting for a Senior InformationSecurityAnalyst to join an established security team within a highly respected organisation that makes a real difference. This is a hybrid role with a balance of operational and governance responsibilities. Kent (Hybrid – 2 days office) What we are looking for: A Senior SecurityAnalyst to lead … security operations and incident response Someone to assure security controls, manage vulnerabilities, and maintain policies A mentor to support junior analysts while contributing to governance and compliance work Strong technical background – SOC, incident response, threat intelligence or security engineering Experience with Microsoft Security tools (Sentinel, Defender, etc.) Knowledge of governance, risk and compliance frameworks (PCI, FCA More ❯
