Information Security Analyst

Social network you want to login/join with:

Client: Cloud Decisions

Location: Kingston upon Hull, East Yorkshire, United Kingdom

Job Category: Other

EU work permit required: Yes

Job Views: 5

Posted: 31.05.2025

Expiry Date: 15.07.2025

Upto £57,500 + Enterprise Benefits (Life Ins/Medical/Pension)

Fully Remote (UK only)

***Please Note: NOT A CYBER SEC TECHNICAL ROLE***

Be part of their high growth Information Security plans as they build the team to x4

Cloud Decisions has partnered with one of the UK’s most exciting enterprise technology transformations: a £multi-billion, employee-owned group, one of the top 10 largest employee-owned businesses in the UK, and one of the largest global players in insurance across 100+ countries.

Following a wave of acquisitions and continued digital modernisation and compliance, they’re hiring an Information Security Assurance Analyst who understands controls & compliance with security regulations and standards. The role involves working in a small, high-trust team, working autonomously to build InfoSec capability, ensuring regulatory compliance, information security maturity, and readiness for audits, tenders, or risk reviews.

• Schedule and Coordinate Assessments: Coordinate control assessments with control owners, asset custodians, and third parties.
• Evaluate Controls: Assess design and effectiveness of security controls against policies and standards.
• Documentation Maintenance: Keep documentation of assessments and remediation activities up to date.
• Organise Control Evidence: Ensure control evidence is organized and accessible.
• Notify Deviations: Notify relevant parties of deviations from processes and procedures.
• Risk Analysis Reports: Write reports on the impact of control gaps on risks.
• Communicate Findings: Share issues with security leadership clearly.
• Dashboard and Reporting Input: Update dashboards and reports with current data.
• System Security Plans (SSPs): Support documentation of security requirements for systems, including controls and ongoing monitoring.

• Update Processes: Lead efforts to address process gaps.
• Enhance Procedures: Improve procedures and develop tests with control owners.
• Propose Enhancements: Suggest control improvements through formal channels.
• Reporting Support: Assist with regular reporting on control assessments.

• Third-Party Due Diligence: Manage due diligence requests, document deficiencies, and liaise for resolution.
• Audit Preparation and Support: Prepare evidence and respond to audit inquiries and findings.

• Continuous Improvement: Identify and implement process improvements.
• Training and Development: Train team members and stakeholders on assessment practices.
• Vendor Management: Ensure vendors have BCDR plans and assess their capabilities regularly.

Knowledge of DORA, PCDSS, SARBOX is beneficial but not essential.