Information Security Analyst, Newcastle-upon-Tyne, Tyne and Wear
Client: Cloud Decisions
Location: Newcastle-upon-Tyne, Tyne and Wear, United Kingdom
Job Category: Other
EU work permit required: Yes
Job Views: 9
Posted: 06.06.2025
Expiry Date: 21.07.2025
Job Description:
Up to £57,500 + Enterprise Benefits (Life Insurance, Medical, Pension)
Fully Remote (UK only)
***Please Note: NOT A CYBER SECURITY TECHNICAL ROLE***
Join a high-growth Information Security team as it expands to four times its current size.
Cloud Decisions has partnered with one of the UK’s most exciting enterprise technology transformations: a multi-billion-pound, employee-owned group, one of the top 10 largest employee-owned businesses in the UK, and a major global player in insurance across over 100 countries.
Following a wave of acquisitions and ongoing digital modernization and compliance efforts, they’re hiring an Information Security Assurance Analyst. The ideal candidate understands controls and compliance with security regulations and standards, can work autonomously within a high-trust team, and is capable of building their InfoSec capabilities to ensure regulatory compliance, information security maturity, and readiness for audits, tenders, or risk reviews.
Control/Compliance Assessment Duties:
* Schedule and Coordinate Assessments: Organize control assessments with control owners, asset custodians, and third parties.
* Evaluate Controls: Assess the design and effectiveness of security controls against policies, standards, and procedures.
* Documentation Maintenance: Keep documentation of assessments and remediation activities up to date.
* Organize Control Evidence: Ensure all evidence is well-organized and accessible.
* Notify Deviations: Notify relevant parties of any deviations from processes or procedures.
* Risk Analysis Reports: Write reports on the impact of control gaps on risks.
* Communicate Findings: Clearly communicate issues to security leadership.
* Dashboard and Reporting: Provide data for dashboards and reports.
* System Security Plans (SSPs): Support documentation of security requirements for information systems, including controls testing and ongoing monitoring.
Compliance/Control Improvement Duties:
* Update Processes: Coordinate updates for identified process gaps.
* Enhance Procedures: Assist in documenting and designing improved procedures.
* Propose Enhancements: Recommend control and procedure improvements.
* Reporting Support: Support monthly and quarterly assessment reports.
Audit/Assessment Duties:
* Third-Party Due Diligence: Manage third-party assessments and responses.
* Audit Preparation and Support: Prepare evidence and respond to audit requests.
InfoSec Effectiveness - Collaboration/Continuous Improvement:
* Continuous Improvement: Identify and implement process improvements.
* Training and Development: Assist in training team members and stakeholders.
* Vendor Management: Assess vendor BCDR plans and capabilities.
Knowledge of DORA, PCI DSS, SARBOX is beneficial but not required.