Social network you want to login/join with:
Information Security Analyst, Sheffield, South Yorkshire
Client: Prism Digital
Location: Sheffield, South Yorkshire, United Kingdom
Job Category: Other
EU work permit required: Yes
Job Views:
4
Posted:
22.08.2025
Expiry Date:
06.10.2025
Job Description:
* Hybrid role based in Coventry with monthly travel to London
* Support for security certification and career development
Help shape a high-stakes security program as a hands-on GRC Analyst supporting a global financial institution’s banking expansion. You’ll be central to their mission of scaling a modern InfoSec environment, balancing regulatory rigor, ethical standards, and BAU resilience.
You’ll focus on third-party security assessments, metrics reporting, and supporting frameworks like ISO27001 and SOC2. Expect collaboration across risk, technology, and compliance teams, operating efficiently with visibility and trust from leadership.
What you’ll bring:
* 3+ years in an InfoSec or IT security role within a regulated or financial firm
* Security certifications such as SSCP, Security+, or equivalent
* Strong GRC foundation: interpreting risk frameworks and understanding ISO, SOC2, NIST standards
* Experience with security tooling and metrics reporting
* Effective communicator: translating technical language into actionable insights
* Ethical mindset: knowing when to escalate, challenge, and own your responsibilities
What you’ll be doing:
* Supporting ISO27001 & SOC2 governance, including ISMS management and risk reviews
* Conducting third-party risk assessments of suppliers
* Driving security awareness through phishing simulations and internal content
* Managing day-to-day InfoSec operations: ticket triage, KPI reporting, vulnerability monitoring
* Using compliance tools like Protecht, Panorays, Rapid7, and Armis
* Contributing to banking enablement and new market launches
Tools and platforms:
* Panorays – Third-party risk management
* Rapid7, Armis – Vulnerability and asset visibility
* Proofpoint – Phishing simulations and awareness content
* Microsoft Purview – Data governance and policy enforcement
* Azure (beneficial) – Cloud IAM, logging, and security monitoring
Why this role?
* High-impact GRC projects linked to market expansion
* Strong internal security culture with collaborative leadership
* Opportunities to grow across awareness, compliance, and operational domains
#J-18808-Ljbffr