Information Security Analyst
Posted 3 hours 32 minutes ago by Sanderson Recruitment Plc
Role: Information Security Analyst
Location: Guildford (Hybrid options available)
Salary: Circa £45,000 (plus comprehensive benefits package)
Start date: ASAP
My client, a leading financial services organisation, is looking for an Information Security Analyst to join their team. This is an excellent opportunity to play a key role in advancing the company's security posture by delivering Governance, Risk, and Compliance (GRC) initiatives and embedding the NIST Cyber Security Framework (CSF) across the business.
Key skills/responsibilities:
- Deliver day-to-day GRC activities, including designing and implementing security controls and managing information security risks
- Interpret and apply requirements from the Group Information Security Framework
- Conduct gap assessments, identify risks, and support maturity uplift across security functions
- Develop and maintain an information security controls catalogue, policies, and procedures aligned with NIST CSF
- Collaborate with business units to integrate security measures into operations
- Support compliance activities for frameworks such as Cyber Essentials, PCI DSS, and the Group Information Security Framework
- Facilitate reviews and updates to ensure controls remain effective against evolving threats
Essential skills:
- Minimum 2 years' experience in information security, with a solid understanding of security control and governance frameworks
- Experience in developing a security controls catalogue in a financial services environment (highly desirable)
- Proven experience in delivering security projects within a federated organisation
Desirable skills:
- Knowledge of NIST CSF, ISO 27001, Cyber Essentials, PCI DSS, DORA
- Understanding of risk methodologies and data analysis for reporting
- Strong documentation skills (control matrices, process flows, SOPs)
- Excellent communication skills for both technical and non-technical stakeholders
- Relevant certifications such as CISSP, CCSP, CRISC, CISM, or ISO 27001 Lead Implementer
If this role sounds of interest and you would like to learn more, do not hesitate to contact me on (see below).
Reasonable Adjustments:
Respect and equality are core values to us. We are proud of the diverse and inclusive community we have built, and we welcome applications from people of all backgrounds and perspectives. Our success is driven by our people, united by the spirit of partnership to deliver the best resourcing solutions for our clients.
If you need any help or adjustments during the recruitment process for any reason, please let us know when you apply or talk to the recruiters directly so we can support you.