We are looking for an Information Security Analyst to join Nucleus Financial in a new role adding to the team.
About the Role
As an Information Security Analyst, you’ll play a pivotal role in strengthening Nucleus Group information security posture. You’ll support the development and execution of risk management strategies, collaborate across departments & group entities as well as third-party partners, and contribute to the continuous improvement of our security capabilities. While not a people leader, you’ll collaborate across all levels to achieve a common goal taking ownership of key initiatives that demonstrate our commitment to being a trusted partner.
You’ll help shape how we assess, report, and improve our security maturity, using frameworks like NIST CSF, CIS CSAT, ISO27001, or Cyber Essentials+. You’ll also support audit and regulatory engagements, lead tabletop exercises, and contribute to the development, testing and reporting of security policies and training.
Key Responsibilities
1. Collaborate with teams to document and assess security control designs and effectiveness in operation
2. Lead tabletop exercises and threat modelling sessions
3. Support and guide other information security colleagues in day-to-day tasks and development
4. Contribute to the development and delivery of security training and awareness programs
5. Assist in managing intra-group risks and reporting, vendor risk assessments and due diligence
6. Maintain and improve structured reporting and audit trails
7. Support the development of continuous improvement plans
8. Engage with auditors, regulators, and internal stakeholders to demonstrate security capabilities
9. Help maintain the information security policy suite
10. Contribute to the oversight of critical outsource partners
11. Work with Security Operations and Application Security to define and refine security management standards
About You
You’re a detail-oriented, proactive professional who thrives in a collaborative environment. You will be inquisitive by nature and be familiar with the need to trust but verify. You enjoy mentoring others, solving complex problems, and turning technical insights into clear, actionable outcomes. You’re comfortable working independently but also know when to escalate or collaborate.
Skills & Experience
12. Strong understanding of information security risk management and ISMS principles
13. Strong understanding of information security controls management within software development lifecycles
14. Experience with NIST CSF, CIS CSAT, ISO27001, or Cyber Essentials+
15. Ability to conduct threat modelling and maturity assessments
16. Experience supporting audits and regulatory reviews
17. Familiarity with vendor risk management and supply chain security
18. Excellent communication and documentation skills
19. Comfortable using tools like Jira, Confluence, and Microsoft 365
20. Experience in financial services or other regulated environments preferred
21. Demonstrated ability to effectively communicate security concepts and educate key stakeholders.
22. Strong organisational skills and attention to detail
A little about us
Our purpose at Nucleus is to help make retirement more rewarding, with a vision to build the best retirement-focused platform in the UK. It is this purpose that drives everything we do. Whether you are working in a role that is customer-facing or not, you’ll need to be service-obsessed to work here.
It’s a fast paced and exciting environment, and one where we believe you will get the chance to fulfil your potential and do work that really matters, to you and our customers. We believe in you having your own chunk of responsibility and being trusted to make things happen.
Nucleus’ culture is something our people believe sets us apart from other places they’ve worked. This gives you an insight into what it is like to work with us.
Inclusion and diversity at Nucleus
As with most things in life, who cares, wins. We really care about inclusion.
For us this is not a box-ticking thing, it’s a commercial imperative. It isn’t about being PC. It’s about being future-relevant and durable. Find out more on our .
We offer a generous blend of benefits for the things that really matter to our people, including pension, bonus, enhanced parental leave, paid time off for emergencies, health and wellbeing initiatives and flexible working options.