Senior Information Security Analyst – 3-Month Remote Contract
💰 Rate: £36.03 per hour (umbrella)
🕐 Duration: 3 months
🌍 Location: Remote (UK-based)
🏢 Sector: Not-for-profit / Public Sector (confidential client)
Overview
We’re supporting a leading UK not-for-profit organisation in strengthening its information security posture following a major digital transformation.
They’re looking for an experienced Senior Information Security Analyst to provide immediate support across both technical security assurance and governance, risk, and compliance (GRC).
This is a hands-on delivery role, ideal for someone who’s comfortable working autonomously, assessing risk, and providing clear, practical advice to technical and non-technical teams alike.
Key Responsibilities
Security Governance & Risk
* Conduct risk assessments across systems, suppliers, and projects.
* Review and respond to security questionnaires and tenders.
* Support remediation activities and maintain the Information Security Risk Register.
* Contribute to maintaining compliance with ISO 27001, Cyber Essentials Plus, DSPT, and GDPR.
Technical Security Oversight
* Review alerts, vulnerabilities, and incidents, providing risk-based recommendations.
* Validate configurations across the Microsoft security stack (M365, Azure, Defender, DLP, Conditional Access).
* Support vulnerability and patch management activities.
* Provide input to technical change reviews and post-incident analysis.
Supplier Assurance
* Conduct third-party risk assessments for new and existing suppliers.
* Evaluate supplier evidence against internal standards and track high-risk findings.
* Collaborate with procurement and legal on security clauses and data protection obligations.
Skills & Experience
✅ 5+ years’ experience in Information Security, combining technical and GRC work.
✅ Strong understanding of cloud and endpoint security (Microsoft-based environments).
✅ Experience conducting risk assessments and reviewing supplier assurance evidence.
✅ Familiarity with ISO 27001, Cyber Essentials Plus, DSPT, GDPR, and NCSC guidance.
✅ Ability to interpret vulnerability reports and advise on remediation priorities.
✅ Excellent written communication and stakeholder engagement skills.
Desirable
⭐ Certifications such as CISSP, CISM, CRISC, CEH, or Security+.
⭐ Experience in public sector, healthcare, or charity settings.
⭐ Familiarity with NCSC CAF and NHS DSPT frameworks.
Personal Attributes
* Pragmatic, calm, and delivery-focused.
* Strong integrity and attention to detail.
* Confident working independently and making risk-based decisions.
* Able to communicate clearly with senior stakeholders and technical teams alike.
If you’re an experienced Information Security Analyst who enjoys combining technical security insight with governance and assurance, this short-term remote contract offers an opportunity to make a meaningful impact.
📩 Apply now or message me directly for an informal chat.