Information Security Assurance Analyst Overview: Our client is looking for an Information Security Assurance Analyst Operations. The aim of this role is the effective operation, reporting and evidencing of their technology and information security control environment and the overall Information Security Management System (ISMS). Based in Reigate/hybrid - 2 days in the … and provide necessary support in planning and completing internal ISMS reviews. Supplier onboarding and annual supplier security assessments – Maintaining and developing our security awareness and education programmes – Analysis of information security alerts and incidents – Report on incidents, risks, threats and vulnerabilities – Scheduling internal and external penetration and vulnerability tests and managing remediation planning Assist in evaluation of cyber security … tools Manage online ISMS system. Assist the ISM to deliver Information Security projects Participate in technology and information security related audits, providing support regarding the collation and supply of evidence to requests. Ensuring information security controls are evaluated and effective - Identifying ISMS nonconformities - Respond to audit recommendations. Establish a good working relationship with all internal and external More ❯
Guildford, Surrey, England, United Kingdom Hybrid / WFH Options
Sanderson
Role: Information Security Analyst Location: Guildford (Hybrid options available) Salary: Circa £45,000 (plus comprehensive benefits package) Start date: ASAP My client, a leading financial services organisation, is looking for an Information Security Analyst to join their team. This is an excellent opportunity to play a key role in advancing the company's security posture by … and embedding the NIST Cyber Security Framework (CSF) across the business. Key skills/responsibilities: Deliver day-to-day GRC activities, including designing and implementing security controls and managing information security risks Interpret and apply requirements from the Group Information Security Framework Conduct gap assessments, identify risks, and support maturity uplift across security functions Develop and maintain an … information security controls catalogue, policies, and procedures aligned with NIST CSF Collaborate with business units to integrate security measures into operations Support compliance activities for frameworks such as Cyber Essentials, PCI DSS, and the Group Information Security Framework Facilitate reviews and updates to ensure controls remain effective against evolving threats Essential skills: Minimum 2 year's experience in More ❯
Surrey, England, United Kingdom Hybrid / WFH Options
Sanderson
Information Security Senior Analyst Location: Surrey (Hybrid) Our client, a large corporate organisation based in Surrey, is seeking an Information Security Senior Analyst with experience of Risk & Controls to join their team. The successful candidate will have proven experience in risk management, controls, and governance frameworks, who can lead initiatives, mentor others, and collaborate effectively across … business units. You should be both strategic and hands-on, with a passion for proactive security and continuous improvement. Responsibilities: Lead the InfoSec risk register - Identify, assess, and mitigate information security risks. Own control frameworks - Maintain and improve controls to ensure alignment with standards like NIST CSF and COBIT. Drive assurance - Monitor the effectiveness of security controls, including outcomes … more junior team members. Conduct threat and vulnerability assessments - Take a proactive role in identifying potential security threats. Skills and experience required: Strong experience in risk & controls within the information security, ideally in a regulated industry. Experience in large, complex enterprise environments (e.g., multiple sites, technologies). Hands-on leadership in technical InfoSec initiatives. Strong understanding and implementation of More ❯
