Social network you want to login/join with:
Information Security Analyst, Sheffield, South Yorkshire
Client: Cloud Decisions
Location: Sheffield, South Yorkshire, United Kingdom
Job Category: Other
EU work permit required: Yes
Job Views:
13
Posted:
06.06.2025
Expiry Date:
21.07.2025
Job Description:
Upto £57,500 + Enterprise Benefits (Life Ins/Medical/Pension)
Fully Remote (UK only)
***Please Note: NOT A CYBER SEC TECHNICAL ROLE***
Join their high-growth Information Security team as they expand to four times its current size.
Cloud Decisions partners with a leading UK enterprise in digital transformation, a multi-billion-pound, employee-owned group, and a top global insurance provider.
They are hiring an Information Security Assurance Analyst to focus on controls & compliance with security regulations and standards, working autonomously within a small, high-trust team to ensure regulatory compliance, security maturity, and audit readiness.
Control/Compliance Assessment Duties:
* Schedule and Coordinate Assessments: Organize control assessments with control owners, asset custodians, and third parties.
* Evaluate Controls: Assess the design and effectiveness of security controls against policies and standards.
* Documentation Maintenance: Keep documentation of assessments and remediation activities up to date.
* Organise Control Evidence: Ensure control evidence is well-organized and accessible.
* Notify Deviations: Notify relevant parties of process deviations.
* Risk Analysis Reports: Prepare reports on control deficiencies and their impact on risks.
* Communicate Findings: Present findings to security leadership clearly.
* Dashboard and Reporting Input: Update dashboards and reports with current data.
* System Security Plans (SSPs): Support documentation of security requirements, controls, testing, and ongoing monitoring.
Compliance/Control Improvement Duties:
* Update Processes: Coordinate updates for business process gaps.
* Enhance Procedures: Assist in documenting and designing procedures, including effectiveness tests.
* Propose Enhancements: Recommend control improvements.
* Reporting Support: Assist in reporting on assessment activities.
Audit/Assessment Duties:
* Third-Party Due Diligence: Manage third-party assessments and report deficiencies.
* Audit Preparation and Support: Prepare evidence and respond to audit requests.
InfoSec effectiveness - collaboration/continuous improvement:
* Continuous Improvement: Identify and implement process improvements.
* Training and Development: Train team members and stakeholders.
* Vendor Management: Ensure vendor BCDR plans and conduct assessments.
Knowledge of DORA, PCDSS, SARBOX is beneficial but not essential.
#J-18808-Ljbffr