Information Security Analyst, Newcastle-upon-Tyne, Tyne and Wear
Client: Prism Digital
Location: Newcastle-upon-Tyne, Tyne and Wear, United Kingdom
Job Category: Other
EU work permit required: Yes
Job Views: 4
Posted: 22.08.2025
Expiry Date: 06.10.2025
Job Description:
* Hybrid role based in Coventry with monthly travel to London
* Support for security certification and career development opportunities
Join a high-stakes security program as a hands-on GRC Analyst supporting a global financial institution’s banking expansion. You will help scale a modern InfoSec environment, balancing regulatory rigor, ethical standards, and BAU resilience.
Your focus will include third-party security assessments, metrics reporting, and supporting certification frameworks such as ISO27001 and SOC2. You will collaborate across risk, technology, and compliance teams, operating efficiently with visibility and trust from leadership.
What you’ll bring:
* Over 3 years of experience in an InfoSec or IT security role within a regulated or financial environment
* Security certifications such as SSCP, Security+, or equivalent
* Strong GRC foundation, familiar with risk frameworks and standards like ISO, SOC2, NIST
* Experience with security tools and metrics-driven reporting
* Excellent communication skills to translate technical language into actionable insights
* Ethical mindset with the ability to escalate, challenge, and own responsibilities
What you’ll be doing:
* Supporting ISO27001 & SOC2 governance, including ISMS management and risk reviews
* Conducting third-party risk assessments and supplier security reviews
* Driving security awareness training, phishing simulations, and internal content creation
* Managing BAU InfoSec operations: ticket triage, KPI reporting, risk dashboards, vulnerability monitoring
* Utilizing compliance tools like Protecht, Panorays, Rapid7, and Armis
* Providing InfoSec input for new market launches
Tools and Technologies:
* Panorays – Third-party risk management
* Rapid7, Armis – Vulnerability and asset visibility
* Proofpoint – Phishing simulations and awareness content
* Microsoft Purview – Data governance and policy enforcement
* Azure (beneficial) – Cloud IAM, logging, security monitoring
Why this role?
* High-impact GRC projects linked to market expansion
* Supportive internal security culture with engaged leadership
* Opportunities to develop across awareness, compliance, and operational areas