Go beyond the expected.
Information Security Analyst
Location
United Kingdom
Posted
2 days ago
Salary
0
Seniority
Senior
Job Description
Information Security Analyst
Dotdigital
• Monitor and investigate security alerts and events across security tooling, cloud environments, business systems, and applications. • Support incident response activities including detection, analysis, containment, eradication, recovery, and lessons learned. • Develop and improve security monitoring, alerting, playbooks, and operational procedures. • Assist with threat hunting and proactive identification of security risks and suspicious activity. • Maintain awareness of emerging cyber threats, vulnerabilities, and attack techniques relevant to SaaS businesses. • Own day-to-day vulnerability management activities across infrastructure, cloud platforms, applications, and endpoints. • Work with technology teams to prioritise and coordinate remediation activities. • Track vulnerabilities through to resolution and provide reporting on remediation performance. • Support penetration testing activities and coordinate remediation of findings. • Support the security of cloud environments and SaaS platforms through implementation and monitoring of security controls. • Assist with identity and access management initiatives, including privileged access management, role-based access control, and identity governance. • Review cloud security recommendations and assist with remediation activities. • Partner with engineering teams to support secure software development practices. • Assist with the identification, triage, and remediation of application security vulnerabilities. • Support security testing activities including SAST, DAST, dependency scanning, and secrets detection. • Contribute to threat modelling and secure design discussions where appropriate. • Support the continued operation and improvement of the Information Security Management System (ISMS). • Assist with security audits, compliance activities, evidence collection, and control reviews. • Contribute to the development and maintenance of security policies, standards, procedures, and guidance. • Support risk assessments and assist with tracking risk treatment activities. • Help maintain compliance with frameworks and standards including ISO 27001 and applicable data protection requirements. • Respond to customer and prospect security questionnaires and due diligence requests. • Conduct security reviews of suppliers, partners, and third-party services.
Job Requirements
- Experience in a Security Analyst, Information Security, Cyber Security, Systems Administration, Infrastructure, Cloud Operations, or DevOps role with demonstrable security responsibilities.
- Experience working within a security or compliance framework such as ISO 27001.
- Understanding of security operations and incident response processes.
- Experience with vulnerability management, remediation tracking, and security risk reduction.
- Knowledge of identity and access management principles.
- Understanding of cloud security concepts and security controls within major cloud providers.
- Hands-on experience of an array of core security technologies.
- Understanding of common application security risks and OWASP principles.
- Strong communication skills with the ability to engage technical and non-technical stakeholders.
- Ability to manage multiple priorities and work independently in a fast-paced environment.
- A pragmatic and business-focused approach to security.
- Desirable: Experience supporting secure software development practices.
- Experience conducting supplier security reviews and risk assessments.
- Familiarity with automation or scripting using PowerShell, Python, or similar technologies.
- Understanding of data protection and privacy requirements.
- Experience working within a SaaS, technology, or cloud-first organisation.
Benefits
- Commission & bonus opportunities
- Annual leave that increases with service + option to buy more
- Additional paid wellbeing days + annual wellbeing reward
- Christmas office shutdown (extra time off)
- Enhanced parental leave & family support policies
- Employee recognition & reward schemes
- Referral bonuses & long-service rewards
Related Guides
Related Categories
Related Job Pages
More Security Analyst Jobs
Security Analyst – Information Technology
Alberta Blue CrossCourage to fly, smile, move, start, stop, build, re-build and grow. We’re your Alberta benefits provider.
• Respond to threats, alerts, and cybersecurity incidents, supporting activities from detection through remediation • Follow and support adherence to standard operating procedures and identify opportunities for improvement • Participate in the planning and execution of simulation exercises, such as phishing testing • Participate in vulnerability management activities from scanning through to remediation • Analyze threat intelligence sources and publicly disclosed vulnerabilities to assess relevance, exploitability, and potential impact • Support cybersecurity audits and associated remediation efforts • Collaborate with internal teams to support security risk assessments across systems and applications • Identify potential security risks and recommend remediation or mitigation options • Support the maintenance and improvement of security policies, procedures, and standards • Support the delivery and continuous improvement of security awareness and training initiatives • Support validation and tuning security controls across identity, endpoint, and cloud environments • Support the implementation of security tools, controls, and operational initiatives • Communicate effectively with various IT technical and business teams
Role Description We're seeking a Senior Information Security Analyst to join our team and play a key role in protecting our information assets, strengthening our security posture, and helping the organization stay ahead of evolving cyber threats. This individual will partner across the business to identify risks, enhance security controls, and support a secure, scalable environment as we continue to grow. This is a fully remote opportunity to do meaningful work as part of a collaborative, people-first culture. At Relatient, we are passionate about making a difference in healthcare by helping organizations better connect with patients and improve outcomes. How You’ll Make an Impact: - Act as primary contact for SOC II Audit, Security Risk Assessment, and Penetration Testing. - Create and maintain security policies and standards to meet HITRUST, HIPAA and SOC II requirements. - Manage, maintain, and review security policy, documentation, and auditing. - Manage the process of submitting customers’ security information and audit questionnaires. - Serves as a part of the Networks Operation team for technology and security support. - Educates staff on security requirements and best practices. - Collaborates with leadership on the development of security policies. - Works with staff, business partners, and leadership to help them understand potential application security risks and mitigation. - Stays connected with industry best practices and vendor-specific application methodologies. Qualifications - Bachelor’s degree in computer science or related field or equivalent work experience in lieu of a degree is required. - 8+ years of information security, cybersecurity, or IT experience required. - 3+ years in a senior security engineering or analyst role preferred. - CISSP, CISM, GIAC, or equivalent security certification strongly preferred. - Experience in HIPAA, SOC II, and NIST controls. - Direct experience with anti-virus software, intrusion detection, firewalls, and content filtering. - Knowledge of risk assessment tools, technologies, and methods. - Experience designing secure networks, systems, and application architectures. - Knowledge of disaster recovery, computer forensic tools, technologies, and methodology. - Experience planning, researching, and developing security policies, standards and procedures. - Professional experience in a system administration role supporting multiple platforms and applications. - Ability to communicate network security issues to peers and management. - Ability to read and use the results of mobile code, malicious code, and anti-virus software. Mindsets That Matter: - Act with purpose, focus, and accountability. - Collaborate across teams and communicate clearly. - Keep innovating and automate what slows you down. Travel Requirements: - Traveling up to 5% may be required. Pay & Perks: - The salary range for this role is $95,000- $135,000. - Final compensation depends on experience, skills, and location. Benefits - Medical, dental, and vision coverage. - Company-paid life and disability insurance. - HSA with employer contributions. - Employee Assistance Program (EAP). - 401(k) with company match. - Unlimited PTO, 10 paid holidays, and paid parental leave. Equal Opportunity at Relatient: We’re building a team as diverse as the communities we serve. Relatient is proud to be an equal opportunity employer. If you need accommodation during the application process, just let us know. Ready to Join Relatient? If you’re looking for work that matters and a team that makes it count, we'd love to hear from you! To join our team, you must live in one of the following states where we’re authorized to hire: Alabama, Arkansas, Florida, Georgia, Indiana, Kentucky, Missouri, New Jersey, North Carolina, Ohio, Oklahoma, South Carolina, Tennessee, and Texas.
Senior Information Security Governance, Risk and Compliance Analyst
BlueCross BlueShield of TennesseeBringing peace of mind through better health to our customers and communities
Role Description We are hiring a Sr. Information Security Governance, Risk, and Compliance (GRC) Analyst at BlueCross BlueShield of Tennessee! In this role, you will help strengthen and mature BCBST’s information security governance program by leading risk management, compliance, and assurance initiatives across the enterprise. - Serve as a key contributor in developing and maintaining Systems Security Plans (SSPs). - Partner with technology and business stakeholders to support audit readiness efforts. - Manage security controls, assess risk, and ensure alignment with industry frameworks and regulatory requirements. - Protect organizational assets while helping BCBST maintain a strong security and compliance posture. To be successful in this role, you'll bring strong cybersecurity knowledge, exceptional technical writing skills, and experience translating complex security requirements into clear, actionable documentation. - Experience developing Systems Security Plans (SSPs). - Supporting audit and compliance activities. - Working with security frameworks and control management programs. - Collaborating across technical teams to manage risk. Professional certifications such as CISA, CISM, or CISSP are highly preferred. Note: This is a remote, work-from-home position, but the final round of interviews will take place on-site in our Chattanooga, TN office. Candidates must be able to work Eastern Time Zone business hours. Participation in an on-call rotation is required for approximately two weeks every 30 weeks. Sponsorship is not available for this role. Qualifications - Bachelor’s degree in a relevant field or an equivalent of four years of experience is required. - 5 years of professional experience in Information Security or related IT roles with security-related responsibilities, including at least 2 years focused on Governance, Risk, and Compliance (GRC) functions. - Experience leveraging AI-enabled tools to automate and enhance GRC processes preferred. Requirements - Preferred certifications: CISSP, CRISC, CISA, or CISM. - Ability to assess and document organizational risks, including identifying impacts and recommending mitigation strategies. - Ability to interpret and apply regulatory requirements and industry frameworks (e.g., NIST, SOC 2, HIPAA) to organizational controls. - Ability to analyze security, compliance, and risk metrics to identify trends and drive continuous improvement. - Ability to communicate complex risk and compliance concepts clearly to both technical and non-technical stakeholders. - Ability to collaborate effectively across cross-functional teams to integrate governance, risk, and compliance practices into business processes. - Exceptional time management skills. - Excellent oral and written communication skills. - Strong interpersonal skills and ability to cultivate relationships with internal and external stakeholders. - Ability to work with all levels of staff and management. Company Description
IT Security Analyst
Lakeside SoftwareLakeside Software helps IT teams monitor and optimize environments by focusing on the quantified end-user experience.
• Conduct comprehensive security assessments to identify potential vulnerabilities in our Azure systems, networks, and applications. • Use Endpoint Device Management (EDM) solutions to remediate identified vulnerabilities through automated patch deployment. • Collaborate with engineering teams to address vulnerabilities that fall outside the scope of automated patching. • Utilize industry standard tools and methodologies to perform assessments and identify security gaps. • Execute regular vulnerability scans to uncover security weaknesses and ensure compliance with security policies, and regulations. • Analyze scan results, prioritize vulnerabilities based on risk, and recommend corrective actions. • Monitor and review Indicators of Compromise (IOC) to detect and respond to potential security incidents. • Analyze threat intelligence and perform investigations to prevent or mitigate security breaches. • Collaborate with internal teams and external partners to contain and resolve security threats promptly. • Perform routine review of alerts and security logs to identify anomalous activity, escalate confirmed incidents, and maintain documentation of findings. • Conduct and document periodic user access reviews across systems and applications to support least-privilege controls and satisfy audit requirements. • Assist in responding to customer and prospect security questionnaires, including DDQs and vendor risk assessments, by accurately documenting Lakeside’s controls, certifications, and security practices in alignment with our security program and approved disclosure posture. • Performing special projects as required



