InfoSec Analyst with experience of Cyber Essentials and ISO27001
Location: UK-based
Duration: Initial 3-month contract (expected extension up to 12 months with rolling break clauses)
Start Date: ASAP
Day Rate: £400
IR35 Status: Inside IR35
Overview
We are searching for an experienced Information Security Analyst to join our security function on a long-term contract basis.
Key Responsibilities
* Identify, analyse, and support the management of information security and IT risks across the business
* Work closely with stakeholders, vendors, and internal teams to assess security controls and risk exposure
* Support compliance activities aligned to Cyber Essentials+ and ISO27001 standards
* Create and maintain information security policies, standards, procedures, and wider GRC documentation
* Conduct internal security assessments and reviews, clearly documenting findings and recommendations
* Maintain key security knowledge resources including process documentation, RACIs, training materials, and contract information
* Collaborate with risk owners to identify, manage, and mitigate vulnerabilities and threats effectively
Key Experience Required
* Strong experience within Information Security / GRC environments
* Proven experience working with Cyber Essentials+
* Proven experience working with ISO27001
* Experience conducting security risk and controls assessments
* Strong documentation and stakeholder management skills
* Experience producing and maintaining security policies, standards, and procedures
* Ability to communicate security findings clearly to both technical and non-technical stakeholders
Nice to Have
* Broader vulnerability management exposure
* Experience working within enterprise-scale or regulated environments
#J-18808-Ljbffr