Morgan McKinley has partnered with a highly regulated, technology-driven client as they look to hire an Information Security Analyst. In this role, you'll help shape and implement a robust information security and privacy framework that supports business goals, minimises risk, and ensures compliance with leading global standards.
What You'll Be Doing
As an Information Security Analyst, you will play a key role in:
- Supporting the development and ongoing improvement of our Information Security Management System (ISMS).
- Driving compliance with leading standards including ISO27001, NIST Cybersecurity Framework, and GDPR.
- Leading and supporting security and privacy incident management, and ensuring response procedures are followed and documented.
- Delivering awareness and training programmes that engage teams and build a strong security culture across the business.
- Conducting technical control reviews to maintain and improve security posture across IT systems.
- Partnering with IT architecture to embed Security by Design into projects and services.
- Supporting the implementation of Privacy by Design principles in collaboration with Data Protection stakeholders.
- Assessing and reporting on IT and Cyber Risk, and supporting the development of strategies such as Data Loss Prevention and Cloud App Security.
What You Bring
We're looking for someone with:
- 5-7 years' experience in IT or IT Security, with a minimum of 2 years in a technical role (e.g., IT administration, systems implementation, or project delivery).
- Strong knowledge of IT security controls, including access control, patching, change management, and endpoint protection.
- Exposure to security technologies such as SIEM, malware protection, firewalls, and IDS/IPS.
- Experience supporting or delivering compliance with frameworks like ISO27001, GDPR, or NIST.
- Understanding of risk assessment and remediation tracking processes.
- Excellent communication skills, with the ability to engage both technical and non-technical stakeholders.
- Experience managing or supporting security-related projects in a complex IT environment.
Desirable Certifications
While not required, we value certifications such as:
- CISSP, CISM, or CISA
- CIPP/E or CIPM
If the above matches you, please apply or reach out directly for a confidential chat.
