Information Security Analyst

1 month ago


London, United Kingdom LHV Bank Limited Full time

We are currently looking for an Information Security GRC Analyst who will help shape our cybersecurity posture. You will be central to identifying and mitigating security risks, ensuring compliance with regulatory requirements, and developing robust security frameworks.

You will also be tasked with managing data privacy, crafting business continuity plans, and leading our security awareness initiatives. This position offers a unique opportunity to safeguard our digital infrastructure and contribute significantly to our overall security strategy.

Please note that we are asking the successful candidate to be in our London office 2-3 days a week.

Duties and responsibilities:

Third party security (clients, partners and suppliers)

  • Manage and maintain client due diligence questionnaires on behalf of InfoSec and IT, to include maintaining a repository of responses and ensuring timely responses to the requesting team
  • Support with onboarding new suppliers as part of Project Management and Supplier Risk Management: maintaining and reviewing third party questionnaires, collating responses, identifying gaps within baseline controls and proposing recommendations where appropriate
  • Respond to due diligence questionnaires to assist with client onboarding

Information Risk Management

  • Work closely with ERM and Audit and other teams where required to ensure risks are managed within risk appetite and audit findings are closed within an agreed timeframe.
  • Demonstrated expertise in implementing risk frameworks and applying risk management principles.

Maintain Policies and standards

  • Maintain ISMS related policies, guidance, and procedures to include document management, version control.
  • Support the design and execution of the Information Security Governance, Risk and Compliance roadmap.

Consulting with the business to identify risks and implement mitigations and actions

  • Work with IT Security Operations and IT in general to ensure that baseline security processes are documented and followed in line with ISO27001 and regulatory requirements
  • Information security incident management liaising with Security Operations Team to include reporting, advising, response and escalation to management
  • Advise IT with managing technical risks & issues through vulnerability management oversight, gap analysis and ensure that findings are documented and assigned for remediation
  • Manage DLP related incidents and support with policy changes of DLP tool

Data Privacy

  • Develop the Personal Information Management System (PIMS) in line with ISO 27701
  • Conduct DPIAs, Article 30 (record of processing activity), data privacy notice, data privacy policy, data retention audits
  • Consult with DPO
  • Develop and test procedures for breach notification and escalation

Business Continuity and Disaster Recovery

  • Implement the Business Continuity and Disaster Recovery Framework in line with ISO 22301
  • Conduct risk assessment, Business Impact Analysis and guide DR plans with business owners

Training and Awareness

  • Support with Information Security Education and Awareness strategy to include delivery of training using various methods, simulation exercises, communication, reporting and trend analysis

Compliance

  • Support in establishing Information Security governance forum.
  • Support the team with various ISO27001 related projects, to include planning internal and external audits, risk treatment and improvement plans, maintenance of the information security risk register, and support with implementation of control objectives.
  • Generate monthly security metrics, dashboards and reporting for management review
  • Work closely with staff across the firm to gather information on working practices, identify security risk and exposure, and recommend steps to improve security posture and processes
  • Keeping abreast of latest IT security measures and controls
  • Support alignment and reviews of our maturity against security frameworks as agreed with the CISO, such as NIST CSF.

Skills and Experience:

  • Prior experience in Information Security with a focus on governance, risk, and compliance (Financial Services or Consulting background is preferable)
  • An information security related qualification or certificates such as CISM, CISA, CISSP; CRISC, ISO27001 Lead Implementer or Lead Auditor is preferable
  • Experience and knowledge of IT systems, networking principles and associated technology-based security controls
  • Experience in facilitating and supporting internal and/or external audit activities.
  • Experience in applying and implementing ISO related controls both technical and operational.
  • Understanding of general information security management principles and data protection.
  • Knowledge and experience of logical access control management and administration.
  • Experience working within Information Security or IT Security, Data Protection.
  • Experience in working with Information Security training and awareness tools.
  • Excellent written and verbal communication skills.
  • Strong MS and Atlassian skills using MS Word, Excel, PowerPoint, SharePoint and Outlook and Confluence.