Gigged AI is an open talent marketplace specialising in the IT and technology sector. We
have an opportunity live at the moment for a InfoSec Analyst with experience of Cyber Essentials and ISO27001.
This role is preferably hybrid, with 2 days per week in Glasgow City Centre Office. However flexibility will be considered for any applicants outwith Glasgow.
Location: UK-based
Duration: Initial 3-month contract (expected extension up to 12 months with rolling break clauses)
Start Date: ASAP
Day Rate: £400
IR35 Status: Inside IR35
All applicant proposals will be reviewed directly on the Gigged AI platform by the hiring manager.
In order to send a proposal please follow the below steps:
* head to www.gigged.ai and create a free talent profile
* once signed in, follow this link to the project - https://app.gigged.ai/find-a-gig/QEBDgovDnxZ
* you will now see a 'submit proposal' button
* please fill this in (intro, relevant experience, and attach CV to this)
Overview
We are searching for an experienced Information Security Analyst to join our security function on a long-term contract basis.
This role will focus heavily on Cyber Essentials+, ISO27001, information security governance, risk management, and internal security assessments across a large enterprise environment.
Key Responsibilities
* Identify, analyse, and support the management of information security and IT risks across the business
* Work closely with stakeholders, vendors, and internal teams to assess security controls and risk exposure
* Support compliance activities aligned to Cyber Essentials+ and ISO27001 standards
* Create and maintain information security policies, standards, procedures, and wider GRC documentation
* Conduct internal security assessments and reviews, clearly documenting findings and recommendations
* Maintain key security knowledge resources including process documentation, RACIs, training materials, and contract information
* Collaborate with risk owners to identify, manage, and mitigate vulnerabilities and threats effectively
Key Experience Required
* Strong experience within Information Security / GRC environments
* Proven experience working with:
* Cyber Essentials+
* ISO27001
* Experience conducting security risk and controls assessments
* Strong documentation and stakeholder management skills
* Experience producing and maintaining security policies, standards, and procedures
* Ability to communicate security findings clearly to both technical and non-technical stakeholders
Nice to Have
* Broader vulnerability management exposure
* Experience working within enterprise-scale or regulated environments