Enable job alerts via email!
IT Security Analyst
83zero Limited
Gerrards Cross
Hybrid
GBP 50,000 - 55,000
Full time
Job summary
A leading software company based in the UK is seeking an IT Security Analyst to enhance their security function. This position entails managing customer security responses and compliance assessments while collaborating across departments. Candidates should have over three years of related experience, strong communication skills, and knowledge of security frameworks. This role offers a competitive salary, flexible hybrid working, and excellent career development opportunities.
Benefits
Qualifications
- 3+ years' experience in Information Security, GRC, or Vendor Risk Management.
- Strong experience issuing or responding to security questionnaires.
- Knowledge of ISO 27001 Annex A, SOC 2, and GDPR/CCPA.
Responsibilities
- Own and manage responses to customer security questionnaires.
- Work cross-functionally with Legal, Compliance, Procurement, Product, and Security teams.
- Conduct vendor risk assessments against frameworks.
Skills
Tools
Location: Hybrid - Buckinghamshire
Salary: £50,000 - £55,000 + Benefits
83zero are partnered with a market-leading software company who are on a mission to transform the construction and related industries through their end-to-end digital solutions. With teams across the UK, Europe, USA and India, they are delivering large-scale transformation projects on a global scale and are continuing to expand.
We are now looking for a highly organised and detail-driven IT Security Analyst to join their growing security function. This role plays a key part in securing customer trust and supplier integrity, ensuring compliance with recognised frameworks, and supporting wider security initiatives.
- Own and manage responses to customer security questionnaires (SIG, CAIQ, bespoke).
- Work cross-functionally with Legal, Compliance, Procurement, Product and Security teams.
- Maintain the security assurance matrix in line with ISO 27001, Cyber Essentials, and SOC 2.
- Act as the key point of contact for security assurance queries.
- Conduct vendor risk assessments against ISO 27001, NIST, and CIS Controls.
- Manage the third-party due diligence programme, including onboarding and periodic reviews.
- Track and publish key security metrics such as risk severity, SLA adherence, and turnaround times.
- Provide audit artefacts and support internal/external audits.
- Contribute to broader security initiatives and continuous improvement within the organisation.
- 3+ years' experience in Information Security, GRC, or Vendor Risk Management.
- Strong experience issuing or responding to security questionnaires.
- Knowledge of ISO 27001 Annex A, SOC 2, and GDPR/CCPA.
- Excellent communication skills, able to translate technical risk to non-technical stakeholders.
- Eligible to work in the UK and able to pass background checks.
- Certifications such as CRISC, CISSP, CISA, or ISO 27001 Lead Auditor.
- Familiarity with SaaS/cloud platforms (AWS, Azure, GCP).
- Understanding of secure software supply chains (SBOM, SLSA).
- £50,000 - £55,000 base salary
- 25 days annual leave + public holidays (increasing with service)
- Matched pension scheme
- Private medical insurance & life assurance
- Fitness allowance
- Paid study leave & volunteering days
- Flexible hybrid working
- Excellent career development and training opportunities
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
job faster
Follow us
