The Information Security Analyst is responsible for safeguarding EMEA information assets by delivering comprehensive security and compliance initiatives.
The role works closely with internal stakeholders, third-party providers, and global teams to support risk management, audit readiness, incident response, and security awareness, ensuring alignment with GDPR, ISO 27001, and other relevant security frameworks across business operations and technology platforms.
Key Responsibilities
* Conduct third-party information security and risk assessments
* Support and maintain compliance with GDPR, ISO 27001, and related frameworks
* Manage vulnerability management activities and phishing simulations
* Develop and deliver employee security awareness programmes
* Support audit readiness and compliance initiatives
* Assist with incident response, business continuity, and ISMS controls
* Collaborate with global teams and external service providers
* Contribute to the continuous improvement of the organisation’s security posture
What We’re Looking For
* Proven experience in IT / Information Security
* Experience in GRC (Governance, Risk & Compliance)-based roles
* Strong experience with ISO/IEC 27001 (implementation, maintenance, audit)
* Knowledge of frameworks such as NIST and NIS2
* Experience conducting risk assessments and business impact assessments
* Experience performing third-party security due diligence
* Hands-on experience creating and executing remediation plans
* Audit experience to achieve and maintain security compliance
* Experience implementing and managing ISMS controls
* Ability to work independently and as part of a team
* Professional Information Security membership and certifications
If you are interested, please apply or send your CV to luke.sandilands@cpl.com.