Cyber Security Operations Analyst

Job Title: Cyber Security Operations Analyst
Contract Type: Permanent
Location: London, England
Salary: £60000 - £80000 per annum
REF: VHUInsurTech_1570721361
Contact Name: Vinny Hughes
Job Published: 8 months ago

Job Description

The Cyber Security Analyst will be a key part of the InfoSec and Risk functions, working in conjunction with the Business Information Security Officer and the Head of Technology in response to security events and establishing policies and best practices. Assist with the management and maintenance of ISMSs across regions (currently UK, Australia and Asia), including certification against ISO 27001 and region-specific certifications where applicable.


Develop and maintain information security policies, processes and procedures to support ISMS implementation and improvement across the organisation

Coordinate and participate in risk and security assessments to identify information security risks, threats and vulnerabilities, and provide recommendations for, and implement where appropriate, remediating controls/processes.

Ensure that core ISMS documentation is accurate and updated in a timely manner including the Risk Register, Information Asset Register, Statement of Applicability and Incidents and Actions Register

Ensure all security events are properly documented/tracked to meet audit and risk requirements

Conduct compliance audits across a range of information security controls that support the certification requirements of ISO 27001 and other security certifications as required

Facilitate the implementation of security controls in a coordinated manner based on enterprise control mappings.

Compile information security measurements and metrics supporting enterprise reporting

Own and manage the investigation of security incidents as required in coordination with the Incident Response Team.

Oversee security calendar tasks and ensure they are performed on schedule

Advise and work with Risk and Control management regarding security policies and processes

Provide recommendations on vulnerability scanning or penetration test remediation and risk mitigations

Respond to customer RFPs and Due Diligences relating to security requirements as required

Qualifications and Experience:

  • 5+ years of experience in information security, audit and risk management
  • At least one of the following certifications: CISSP, CISM or CISA. PCI ISA and/or GIAC/GSEC certifications are also a plus
  • Proven knowledge and understanding of risk management and audit methodologies, and tools that support audit and risk management processes. COBIT5 a plus
  • Proven experience supporting ISMS / ISO 27001
  • Experience working in software development or SaaS will be highly regarded
  • Ability to work effectively in a multi-location team environment and across all organizational levels, where flexibility, collaboration and adaptability are important
  • Ability to function and perform independently with minimal supervision
  • Passion for cybersecurity and an awareness of the current threat landscape
  • Ability to communicate effectively, in both written and verbal format