Infomation Security Analyst

<h4><strong>Role Overview</strong></h4> <p>The Information Security Analyst will support a wide range of information security, vendor management, procurement, audit, and technical security activities across the business. The role involves working closely with teams such as Legal, Procurement, IT, and Engineering to ensure security best practices are embedded in company processes and supplier relationships.</p> <p>This position would suit someone with experience in roles such as IT Helpdesk, IT Operations, Risk & Compliance, Internal Audit, or Security Operations who is looking to develop a career in Information Security.</p> <h4><strong>Key Responsibilities:</strong></h4> <p><strong>Commercial Support</strong></p> <ul> <li>Assist with RFP responses and client security questionnaires.</li> <li>Support client annual security audits and due diligence requests.</li> <li>Respond to internal and external queries relating to information security controls.</li> <li>Review and interpret security-related contractual clauses, including data protection, data retention, and audit requirements.</li> </ul> <p><strong>Procurement & Supplier Due Diligence</strong></p> <ul> <li>Support the supplier security due diligence process for new vendors.</li> <li>Participate in procurement and supplier onboarding discussions.</li> <li>Collaborate with teams to ensure suppliers meet company security standards.</li> </ul> <p><strong>Vendor Risk Management</strong></p> <ul> <li>Maintain annual vendor due diligence reviews and documentation.</li> <li>Track supplier inventories and criticality ratings.</li> <li>Monitor performance and risk indicators for key suppliers (SLA breaches, downtime, incidents, and news).</li> <li>Support projects such as fourth-party risk assessments and information gathering.</li> <li>Monitor scope changes in vendor products and services as they become available.</li> <li>Work closely with Legal, IT, and Security teams on emerging topics such as AI usage and third-party tools.</li> </ul> <p><strong>IT & Technical Security</strong></p> <ul> <li>Work with IT and Security teams to research new technologies and integrations.</li> <li>Support technical security initiatives and projects.</li> <li>Conduct data flow mapping and architecture documentation.</li> <li>Assist in evaluating system integrations (for example applications connected to CRM platforms).<br><br></li> </ul> <p><strong>Audit & Compliance</strong></p> <ul> <li>Support ongoing security and compliance