Information Security Analyst

Information Security Analyst - Hatfield - Hybrid - up to £60k Excellent Bens About the company: Global Technology powerhouse pioneering the future of transport & logistics through disruptive innovation and automation. They create world-class systems at the intersection of robotics and IoT, cloud platforms, big data, machine learning, software development, and beyond. What you will be doing: As the Information Security Analyst will support the InfoSec GRC team in all aspects of information security across the whole organisation, including overall information security governance, compliance programs, third-party vendor risk management, education, and Vendor Risk Management tool administration. This role is not a technical hands on role, but would suit an individual who has a technical background having worked with a range of technology and security tools who is now looking for an information security GRC role. You’ll be working on things like; ● Contributing to the creation and refreshment of information security documents, policies, processes and procedures. ● Working with business stakeholders and project teams to understand, scope and define security requirements. ● Assisting in developing control testing strategies, to ensure our security controls are meeting their objectives. ● Performing internal security and vendor risk assessments. ● Supporting Data Protection activities. ● Supporting the Information Security teams and Business functions in maintaining security attestations, which include PCI DSS and SSAE18/SOC 2. ● Providing effective reporting to the Head of Information Security Governance of trends, audit findings and risk ratings. ● Performing internal and third-party vendor risk assessments, and writing risk assessment reports. ● Managing and analysing security controls, while understanding the risk of certain controls not being in place. What we’re looking for: ● Experience in an Information Security GRC related role, including writing Information Security related Policies, Processes and Procedures ● Knowledge of current information security standards, frameworks and regulations such as ISO27001, NIST, SSAE18/SOC 2, PCI-DSS, GDPR. ● Third-Party Vendor Risk Management experience ● Good communication skills with ability to articulate compliance changes and experience in collaboration with internal / external stakeholders Nice to have (but not essential): ● Knowledge of Vendor Risk Management tools such as OneTrust ● Any of the following: CISA, CRISC, or CISM certifications What is in it for me: ● 30 Day ‘work from anywhere’ policy ● Remote working for the month of August ● 25 days annual leave, rising to 27 days after 5 years service (plus optional holiday purchase) ● Pension scheme (various options available including employer contribution matching up to 7%) ● Private Medical Insurance ● 22 weeks paid maternity leave and 6 weeks paid paternity leave (once relevant service requirements complete) ● Train Ticket loan (interest-free) ● Cycle to Work Scheme ● Opportunity to participate in Share save and Buy as You Earn share schemes ● Income Protection(can be up to 50% of salary for 3 years) and Life Assurance(3 x annual salary) For more information and immediate consideration apply today

Location: Hatfield, GB

Posted Date: 1/15/2025