We are seeking a motivated Information Security Analyst / Senior Analyst to join our Information Security & Risk department. This is an exciting opportunity for an enthusiastic individual who is keen to develop their career in information security and risk management within a supportive team. The successful candidate will support the delivery of our business continuity, information security, and risk programmes while having the opportunity to learn and grow. Business Continuity Management
- Assist in updating and maintaining business continuity plans across the firm
- Support the coordination and documentation of business continuity plan testing and follow-up
- Prepare materials and help deliver group business continuity and information security training
- Support business impact assessments by gathering data on systems, processes, and recovery objectives from different business units
Security and Third Party Risk Management - Carry out initial information security assessments and help complete client due diligence questionnaires
- Assist with third party onboarding checks and ongoing risk reviews
- Log and track third party security risks, escalating any concerns appropriately
ISO 27001 Governance and Policy Management - Support the maintenance and improvement of the firm’s Information Security Management System (ISMS)
- Assist with internal auditing activities and provide administrative support for compliance efforts
- Help review and update information security policies and procedures under supervision
Training and Awareness - Contribute to induction and information security awareness activities for new joiners
- Support the development and rollout of targeted training and communications across the business
Other Responsibilities - Participate in incident response processes as directed, including documentation and investigation
- Keep up to date with current information security trends and share learnings with the team
- Contribute to a culture of integrity, confidentiality, and continual improvement
Skills, Knowledge and Expertise - Interest or experience in information security, risk, or business continuity (in a professional services or similar environment would be an advantage)
- Strong attention to detail and willingness to learn
- Good communication and interpersonal skills, with a proactive and collaborative approach
- Analytical and organised, able to work with data and documentation
- Desire to gain or progress towards professional security certifications (such as ISC2 SSCP, ISACA, ISO 27001 Foundation, or equivalent)