Senior Information Security Analyst

Technology

Canary Wharf Limited

Associate Director - Information Security & IT Risk

Under the direction of the Associate Director - Information Security & IT Risk the post‑holder will play an important role in protecting the Canary Wharf Estate and Canary Wharf Group from information and cyber security threats and hazards. From the outset the post‑holder will be exposed to a wide range of stakeholders across all levels and will gain great insight into how information security is managed in the organisation and support the business strategy. Salary range 70,000 – 75,000 per annum.

• Support the Associate Director in the development of new information and cyber security policies, processes, and procedures.
• Act as Senior Information Security partner to stakeholders and internal Technology teams across Canary Wharf Group, working proactively to embed security into initiatives, programmes, and projects through early engagement and pragmatic, risk‑based advice.
• Provide expert review and challenge of technology solutions and designs, advising on security risks, control requirements and opportunities to improve information and cyber security maturity.
• Help design, assess and improve technical security controls, including leading Cloud Security Assessments and tracking remediation activities.
• Lead third‑party information security risk management activities, including supplier security assessments, risk evaluations and engagement with vendors to address identified security gaps.
• Lead information security assurance activities, including control effectiveness reviews, thematic assessments and support for internal and external audits, ensuring findings and remediation actions are managed to completion.
• Play a key role in the operation and continual improvement of the ISO 27001 Information Security Management System (ISMS) and Cyber Essentials Plus, including control ownership, audit preparation and evidence management.
• Ensure information security is embedded into organisational change by collaborating closely with Technology and project delivery teams, providing security input and sign‑off for projects, system changes and new services and promoting security‑by‑design principles.
• Provide senior information security support during security incidents, including impact assessment, containment advice, lessons learned and post‑incident improvement activities.
• Own and evolve the group‑wide information security education and awareness programme, including the design and delivery of targeted training and in‑person sessions for colleagues and senior stakeholders.
• Develop and maintain information security metrics, dashboards and reporting to support governance forums and senior management decision‑making, including risk posture, control maturity and compliance status.
• Further professional development and understanding of information and cyber security through completion of training and attendance at industry conferences.
• Assist the data protection team with Data Protection Impact Assessments and related tasks.
• Deputise for the Associate Director – Information Security & IT Risk when required, providing leadership, continuity of service and mentoring support to junior team members.

• At least 3 years of experience in Information Security or a closely related discipline.
• Holders of a STEM (Science, Technology, Engineering or Mathematics) qualification are preferred; individuals from all educational backgrounds will be considered. Qualifications such as CISM, CRISC, CompTIA Security+ or equivalent are desirable.
• Practical experience with enterprise security tools and technologies (e.g. endpoint protection, data loss prevention, identity and access management, security monitoring and threat detection solutions).
• Ability to interpret outputs from security tools and use them to inform risk decisions and remediation activities.
• Ability to work autonomously and manage projects/tasks through their lifecycle to completion.
• Awareness of recent developments which have impacted information and cyber security.
• Understanding and appreciation of why information and cyber security are important to businesses, in particular real estate and construction.
• Excellent communicator with strong verbal and written skills, capable of interacting at all levels of an organisation.
• Robust organisational skills with the ability to manage multiple tasks and work to deadlines.
• Prepared to work flexibly and varied hours as required, including out‑of‑hours call‑out and attendance.

All staff are required to fulfil their legal duty to take reasonable care for the health and safety of themselves and others who may be affected by their acts and omissions, and to follow all guidance and instructions given in this respect. Further details regarding Health & Safety responsibilities are set out in the Health & Safety Policy in the Administrative Rules and Procedures, and the Health, Safety & Welfare Manual.

Recognising the centrality of ESG principles within our organisation, we have developed a comprehensive ESG Strategy. It is imperative that all staff members understand and adopt this strategy into their respective roles. This includes adhering to environmental regulations, minimising waste, supporting nature within our urban environment, and facilitating positive change for those in need within our community and utilising our volunteering.

In line with the latest ISO 9001 requirements and our dedication to quality management, all staff are mandated to comply with system requirements as detailed within the Company Quality Manual & Policies. Additionally, it is vital to ensure the effective implementation of all Procedures, Plans and Forms within our Electronic Document Management Systems (EDMS) to meet the ISO 9001: Quality Management Standard.

• Act with integrity and deliver high performance
• Put our customers at the heart of what we do
• Resolve issues by providing high quality solutions

• Find opportunities to collaborate with others across the business to achieve shared goals
• Encourage inclusive networks and treat others with respect and fairness
• Use knowledge to work effectively with suppliers/contractors to meet shared goals

• Confident in making decisions appropriate to the role
• Learn from mistakes and listen to constructive feedback to improve performance
• Prioritise safety and actively support community, wellbeing and sustainability programmes

• Take pride in delivering high quality service which exceeds expectations
• Committed to opportunities for self‑development
• Take responsibility for my own performance and look for ways to improve

• Embrace change and innovation
• Proactively suggest ways to improve our business and encourage others to share ideas
• See new challenges as opportunities to deliver effective change

We recognise the importance of embracing diverse experience, skills and perspectives at all levels and operating in an inclusive working environment, in order for everyone to reach their full potential. We also recognise that it makes business sense, since being an inclusive employer leads to better business performance and higher levels of employee engagement and satisfaction. We welcome applicants with diverse backgrounds, perspectives and skills and are committed to fostering a culture whereby everyone can reach their full potential.

As an inclusive employer, we recognise the positive impact flexible working can have on an individual, their wellbeing, engagement and productivity. Therefore, we are open to consider flexible working arrangements, both temporary or permanent.

At Canary Wharf Group, our employees receive a wide range of support to help improve their skills and achieve their career goals. We offer development opportunities through classroom and e‑learning training, mentoring, cross‑department experience and on‑the‑job learning. We heavily invest in our staff attaining accreditations to develop existing and new skills, support chartered status, sponsorships and provide further educational opportunities which are job and business related. We never stand still and continually invest in developing skills and knowledge to ensure individual and company growth.

We are committed to building a safe, happy and healthy community for our employees and we offer a comprehensive range of benefits, all designed with our employees and their wellbeing in mind. From generous pension and insurance plans, to health benefits, subsidised gym membership, store discounts and family leave, our benefits package allows our employees to choose the benefits that suit them and their individual needs.

If you are interested in joining our highly professional and skilled team for our next exciting phase of development, please complete the form on this page to apply online. Early applications are encouraged as we reserve the right to appoint at any point.