Information Security Analyst

  • London
  • £65,000 - £75,000
Our client, a leading bank specializing in services for global fintechs and SME lending solutions, is seeking an Information Security GRC Analyst. The role will help shape our client’s cybersecurity posture. Key responsibilities include identifying and mitigating security risks, ensuring regulatory compliance, and developing security frameworks. This position offers a unique opportunity to safeguard digital infrastructure and contribute to overall security strategy.
Responsibilities:
  • Third Party Security: Manage client due diligence questionnaires, support onboarding new suppliers, and maintain third-party questionnaires.
  • Information Risk Management: Collaborate with ERM, Audit, and other teams to manage risks, close audit findings, and implement risk frameworks.
  • Policy and Standards Maintenance: Maintain ISMS-related policies and procedures, support the Information Security GRC roadmap, and ensure compliance with ISO 27001.
  • Incident Management: Liaise with the Security Operations Team, manage technical risks, oversee vulnerability management, and handle DLP incidents.
  • Data Privacy: Develop the Personal Information Management System (PIMS) in line with ISO 27701, manage data privacy policies, and develop breach notification procedures.
  • Business Continuity and Disaster Recovery: Implement frameworks in line with ISO 22301, conduct risk assessments, and guide DR plans.
  • Training and Awareness: Support Information Security Education and Awareness strategy, deliver training, and conduct simulation exercises.
  • Compliance: Support the establishment of the Information Security governance forum, plan audits, generate security metrics, and stay updated on IT security measures.
Required Experience:
  • Experience in Information Security with a focus on governance, risk, and compliance within UK Banking.
  • Relevant qualifications (CISM, CISA, CISSP, CRISC, ISO 27001 Lead Implementer or Lead Auditor).
  • Knowledge of IT systems, networking principles, and security controls.
The successful candidate is expected to be in the London office 2-3 days a week.
If you meet the requirements and seek a new challenge, we’d love to hear from you.

We seek individuals from a diverse talent pool and encourage applicants from underrepresented groups to apply to our vacancies. Our commitment to fair recruitment processes means that we welcome applicants from all backgrounds, regardless of their lived experience or personal characteristics. We also invite applicants who meet most of the listed requirements, even if not all, to apply. If you require any adjustments to the application process, please let us know.

Barclay Simpson acts as an Employment Agency for permanent positions and an Employment Business for temporary/contract engagements.

James Lawrence – Tech Risk & GRC

Principal Consultant
