
This job has expired


Information Security Analyst

Barclay Simpson
London, United Kingdom
Closing date
29 Jun 2024


Our client, a leading bank specializing in services for global fintechs and SME lending solutions, is seeking an Information Security GRC Analyst. The role will help shape our client's cybersecurity posture. Key responsibilities include identifying and mitigating security risks, ensuring regulatory compliance, and developing security frameworks. This position offers a unique opportunity to safeguard digital infrastructure and contribute to overall security strategy.

  • Third Party Security: Manage client due diligence questionnaires, support onboarding new suppliers, and maintain third-party questionnaires.
  • Information Risk Management: Collaborate with ERM, Audit, and other teams to manage risks, close audit findings, and implement risk frameworks.
  • Policy and Standards Maintenance: Maintain ISMS-related policies and procedures, support the Information Security GRC roadmap, and ensure compliance with ISO 27001.
  • Incident Management: Liaise with the Security Operations Team, manage technical risks, oversee vulnerability management, and handle DLP incidents.
  • Data Privacy: Develop the Personal Information Management System (PIMS) in line with ISO 27701, manage data privacy policies, and develop breach notification procedures.
  • Business Continuity and Disaster Recovery: Implement frameworks in line with ISO 22301, conduct risk assessments, and guide DR plans.
  • Training and Awareness: Support Information Security Education and Awareness strategy, deliver training, and conduct simulation exercises.
  • Compliance: Support the establishment of the Information Security governance forum, plan audits, generate security metrics, and stay updated on IT security measures.
Required Experience:
  • Experience in Information Security with a focus on governance, risk, and compliance within UK Banking.
  • Relevant qualifications (CISM, CISA, CISSP, CRISC, ISO 27001 Lead Implementer or Lead Auditor).
  • Knowledge of IT systems, networking principles, and security controls.
The successful candidate is expected to be in the London office 2-3 days a week.

If you meet the requirements and seek a new challenge, we'd love to hear from you.
