Information Security Analyst
London
Moneybox is growing and maturing as a technology-led financial services business, all whilst the cyber threat landscape is constantly evolving. This role will be helping to implement and maintain a second line of defence Information Security function delivering across the breadth of the business. You will be able to combine technical expertise with strong personal qualities to effectively protect our information assets.
The role will suit an ambitious analyst who wants to drive and improve processes, take ownership, and champion security across the business.
#LI-ND1
The role will suit an ambitious analyst who wants to drive and improve processes, take ownership, and champion security across the business.
What you'll do
- Uphold and enforce information security standards and policies, serving as a primary resource for internal stakeholders championing all things Information Security across the business.
- Assist Moneybox in achieving and maintaining industry-recognised certifications such as Cyber Essentials, NIST CSF, and, eventually, ISO 27001.
- Identify and manage risks in accordance with the enterprise-wide risk framework to ensure the triage, review, and ongoing management of information security risks.
- Conduct third-party due diligence to ensure Moneybox's standards are upheld throughout our supply chain.
- Collaborate with Workplace Technology on vulnerability management, build reviews, user access reviews, and security controls to ensure the cybersecurity of our IT systems.
- Maintain the Information Asset Register and other trackers to stay current on documentation and evidence of controls.
- Triage and respond to information security incidents (e.g., phishing, lost laptops, DLP alerts) to maintain Moneybox's resilience against threats.
- Act as a deputy for the Information Security Manager when necessary.
- Collect information for governance meetings, attending and presenting as required.
- Gather and disseminate actionable threat intelligence to keep information security current with new developments.
- Develop and implement information security training and awareness initiatives to educate employees.
- Operationalise and document new security processes as they are developed.
- Provide information security input for Data Protection risk assessments.
- Support compliance with regulatory requirements such as REP018, EBA Guidelines, and UK GDPR.
Who you are
- A driven, ambitious individual who’s looking to build their career at an exciting fast-growing company.
- A professionally inquisitive problem solver looking to enable the business to succeed without a heavy handed approach.
- Able to adjust to new technologies, evolving threats, and changing regulations, remaining focused and effective during security incidents.
- Naturally personable, great communicator who has a passion for their work and the people they work with
- Excited about being part of a fast-growing company that’s trying to make a positive mark on the world
- Knows have to have fun whilst maintaining a professional outlook
Experience and Skills
- Experience in information security management: This includes familiarity with industry-standard frameworks like NIST CSF, ISO 27001, or SOC2,
- Knowledge of risk management methods and third party risk management (TPRM)
- Practical knowledge of security technologies: The candidate should be comfortable with tools like Anti-Malware Solutions, DLP, Identity and Access Management, SIEM, and cloud technologies.
- Understanding of financial services and their regulatory environment: to align security measures with industry-specific requirements.
- Knowledge of the Software Development Lifecycle (SDLC): to help integrate security practices into the development process.
- Understanding of Data Protection/Privacy and ICO regulatory requirements: to help signpost the business towards the data protection team.
- Excellent communication and collaboration skills: The analyst must be able to clearly convey technical information to various stakeholders and work effectively across teams.
#LI-ND1
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Job stats:
20
8
0
Category:
Analyst Jobs
Tags: Cloud Compliance GDPR Governance IAM ISO 27001 Malware NIST Privacy Risk assessment Risk management SDLC SIEM SOC 2 Threat intelligence Vulnerability management
Perks/benefits: Career development
Region:
Europe
Country:
United Kingdom
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.
Senior Security Analyst jobsInformation System Security Officer jobsSenior Cloud Security Engineer jobsInformation Security Specialist jobsInformation Security Manager jobsSenior Cybersecurity Engineer jobsSenior Network Security Engineer jobsSecurity Consultant jobsIT Security Engineer jobsCyber Security Specialist jobsSenior Penetration Tester jobsSenior Information Security Analyst jobsSecurity Specialist jobsSenior Cyber Security Engineer jobsChief Information Security Officer jobsSystems Engineer jobsSystems Administrator jobsSenior Product Security Engineer jobsPrincipal Security Engineer jobsInformation System Security Officer (ISSO) jobsStaff Security Engineer jobsCloud Security Architect jobsIT Security Analyst jobsSecurity Operations Analyst jobsInformation Systems Security Engineer jobs
Encryption jobsPowerShell jobsDevSecOps jobsKubernetes jobsSaaS jobsIDS jobsEDR jobsSplunk jobsSDLC jobsIPS jobsRMF jobsSQL jobsTop Secret jobsBash jobsIntrusion detection jobsThreat detection jobsCompTIA jobsITIL jobsFinance jobsActive Directory jobsDoDD 8570 jobsOWASP jobsCRISC jobsBanking jobsDocker jobs
UNIX jobsTCP/IP jobsVPN jobsSANS jobsClearance Required jobsHIPAA jobsGIAC jobsIT infrastructure jobsTerraform jobsSOC 2 jobsSOX jobsOSCP jobsCISO jobsData Analytics jobsJavaScript jobsIndustrial jobsCCSP jobsDNS jobsSOAR jobsGCIH jobsMITRE ATT&CK jobsAnsible jobsPolygraph jobsJira jobsSecurity strategy jobs