Information Security Analyst

Information Security Analyst – Financial Services – Up to £60k – Hybrid – London

Overview:
An exciting opportunity has arisen for an Information Security Analyst to join a global Financial Services company operating on a global scale across retail, healthcare and other sectors. In this role, you will be responsible for monitoring, assessing, and responding to security incidents and threats, ensuring compliance with security policies, and implementing measures to protect the organisation’s data and IT infrastructure.

Role & Responsibilities:

• Monitor networks and systems for security breaches, intrusions, and abnormal system behavior
• Investigate security incidents, perform root cause analysis, and provide incident response support
• Conduct regular vulnerability assessments and penetration testing; assist in remediation efforts
• Maintain and manage SIEM (Security Information and Event Management) tools and log analysis
• Develop and enforce security policies, standards, and procedures
• Work with IT and development teams to implement secure system designs and configurations
• Support compliance initiatives (e.g., ISO 27001, NIST, GDPR, PCI-DSS) by assisting with audits and documentation
• Conduct security awareness training and phishing simulations for employees
• Keep up-to-date with the latest security trends, threats, and technology solutions
• Bachelor’s degree in Information Security, Computer Science, or related field (or equivalent experience)
• 2+ years of experience in an information security or cybersecurity role
• Strong understanding of security principles, frameworks, and practices (e.g., CIA triad, defense in depth)
• Experience with SIEM tools, intrusion detection/prevention systems (IDS/IPS), firewalls, and endpoint protection
• Familiarity with vulnerability scanning tools (e.g., Nessus, Qualys) and remediation processes
• Knowledge of networking protocols, operating systems (Windows, Linux), and cloud platforms
• Excellent analytical, problem-solving, and communication skills
• Security certifications such as CompTIA Security+, SSCP, CEH, GSEC, or CISSP (or actively working toward one)
• Experience with cloud security in AWS, Azure, or GCP environments
• Knowledge of scripting or automation (e.g., Python, PowerShell) for security tasks
• Understanding of DevSecOps practices and secure SDLC

Package:

• Hybrid working – 3 days in London office
• Opportunities for professional growth and certification support
• Collaborative and inclusive team environment