Home
Jobs
Howdens
Information Security Analyst

Information Security Analyst

On site

Northampton, United Kingdom

Full Time

04-04-2025

Share this job:

Score my CV Apply

Job Specifications

Howdens Joinery are looking for an Information Security Analyst to join our Security team on a 12-month maternity cover.

This InfoSec Analyst role will be to ensure that PCI DSS certifications is achieved and maintaining all appropriate payment gateways used by Howdens. The role will also play a key role in managing security incidents and in assessing risks and vulnerabilities identified.

This is a permanent position based at our office in Brackmills Business Park, Northamptonshire. Working onsite at least 3 days per week.

What will I be doing as Information Security Analyst?

Manage and deliver a plan to deliver PCI DSS certification to all appropriate payment gateways within Howdens.
Work with 3rd party PCI DSS assessor, organise and scope the assessments
Lead with incident management investigations and assist with the coordination of any remediation activities
Provide technical project support representing information security
Support the PMO (Project Management Office) to ensure appropriate security is assessed within projects alongside overseeing supplier compliance to Howdens needs for Cyber Security
Conduct risk and vulnerability assessments to identify and mitigate security risks
Engage with IT projects to perform Security Reviews and ensure findings are appropriately communicated and added to the appropriate logs to be managed
Engage with external organisations working with Howdens to ensure the Confidentiality, Integrity and Availability of Howdens information is maintained

What We Need From You

Technical Operations Security experience with a focus on governance
Experience of PCI DSS certification and maintaining this with a large organisation
Ability to assess system controls based on a documented standard
Will be able to demonstrate ability in problem analysis and resolution
Strong communication skills to be able to influence best practice at all levels of the organisation, with the ability to explain technical problems to non-technical business stakeholders at all levels
Ability to build effective relationships to influence and negotiate business outcomes
Experience of working with and presenting findings to Senior Stakeholders
Hold recognised Cyber Security qualification (CISA, CISMP, CISM or equivalent).
Knowledge of industry related frameworks such as ISO27001, PCI DSS
Candidates with experience in presentation and training techniques in matters of IT security is advantageous as is anyone with familiarity in business continuity and crisis management activities
Ability to work onsite in Northampton a minimum of 3 days per week.

What We Can Offer You

12 months FTC
Competitive salary and annual company bonus
Excellent pension scheme (company matched up to 12%)
25 days holiday + bank holidays with the option to buy additional days
Staff Discount
Employee Assistance Programme
Exceptional Reward and Recognition events

About Howdens

Howdens Joinery is the UK’s number one trade kitchen supplier providing thousands of products across kitchens, joinery, and hardware. We have over 900 depots throughout the UK and Europe – making us the first choice for more than 460,000 loyal trade professionals. Last year our sales reached circa 2.3bn, and we have an ambitious growth agenda.

As well as the opportunity to develop within a fast paced and commercial environment, you will be part of a rewarding organisation recognised for excellence in the workplace in the Best Big Companies to Work For.

How To Apply

We’re building a future where world-class service, innovation, and sustainability are embedded within our DNA. If Howdens sounds like the kind of place where you can build and develop your career, then we’re keen to hear from you.

Howdens is founded on the principle of being Worthwhile for ALL concerned. We’re working hard to ensure we provide an inclusive environment where everyone feels welcome. We will do everything we can to support you during your application. If you need us to make any adjustments to our recruitment process, please email recruitmentteam@howdens.com with the job title and location, and we will be happy to help you

About the Company

Howdens is the UK’s number one kitchen supplier, providing thousands of products across kitchens, joinery, hardware, and bathrooms. We have over 850 depots across the UK and Europe, with total UK sales reaching £2.3 billion in 2024. Our trade-only model We only sell to the trade as they have the craftsmanship and know-how to fit our products to the highest possible standard. We believe the builder is best placed to co-ordinate projects, supported by local Howdens depots underpinned by a dedicated supply chain and extensive... Know more

Related Jobs

Company Name: Secure Mojo
Job Title: Co-Founder⚡Cybersecurity
Job Description: About Secure Mojo: We’re on a mission to make personal digital protection as essential as health insurance. Secure Mojo is building an intelligent platform that combines cyber risk assessments, expert consultation, and real-world cyber insurance — built for individuals, not just enterprises. We’re not here to patch yesterday’s threats. We’re here to build what comes next. The Opportunity: We’re looking for a Co-Founder who isn’t just an expert — but a visionary in cybersecurity. Someone who can help architect our technical backbone while also shaping the future of proactive, personalized cyber defense. This role isn’t for the side-lines. You’ll be driving product innovation, security strategy, and user trust. You'll work alongside the founding team to turn Secure Mojo into a category-defining company. You’re a great fit if you have: Strong background in cybersecurity with hands-on experience. Skills in ethical hacking, OSINT, digital forensics, and incident response. Experience with or passion for cybersecurity training / public awareness. Startup-ready mindset — proactive, adaptable, and mission-driven. Ability to lead technical teams or build one from scratch. A deep passion for solving real-world security problems for everyday users. What You’ll Be Doing: Leading the technical vision for Secure Mojo’s security tools and assessment engine. Building and refining risk assessment frameworks. Helping shape product features with real-world security insights. Collaborating on content, education, and trust-building initiatives. Becoming the voice of credibility for our platform — from the inside out. Perks and Benefits: Opportunity to be a co-founder without any financial investment. Equity stake in the company. Work remotely or from our office; we value results over hours. As Secure Mojo is currently in the pre-revenue stage, no salary can be offered at the start. If you're a highly motivated individual with a strong entrepreneurial spirit, we encourage you to apply. Let's build something extraordinary together!

Company Name: Google
Job Title: Strategic Security Consultant, Mandiant, Google Cloud (English)
Job Description: Note: Google’s hybrid workplace includes remote roles. Remote location: United Kingdom.Minimum qualifications: Bachelor's degree in Computer Science, Information Systems, Cybersecurity, related technical field, or equivalent practical experience. 4 years of experience assessing and developing cybersecurity solutions and programs across security domains. 4 years of experience in delivering cyber outcomes, identifying mission risks, and devising solutions. Ability to communicate in English fluently to work with internal partners and customer teams. Ability to travel up to 30% of the time as required. Preferred qualifications: Certifications related to cloud platforms. Experience implementing industry-leading practices around cyber risks and cloud security for clients’ cloud security frameworks using industry standards. Experience with cloud governance, with the ability to convey governance principles to cloud computing in terms of policies. Excellent time and project management skills. About the jobIn this role, you will lead and support projects on behalf of clients that assess, test, or build their security programs. Project teams may range from 2 to 5 colleagues. Clients will range from start-up companies looking to supplement their security team to Fortune 100 companies that need fresh ideas to enhance their perspective on the security program. You will provide guidance and advice to the client on best practices and manage the risks for their security program.Part of Google Cloud, Mandiant is a recognized leader in dynamic cyber defense, threat intelligence and incident response services. Mandiant's cybersecurity expertise has earned the trust of security professionals and company executives around the world. Our unique combination of renowned experience responding to some of the most complex breaches, nation-state grade threat intelligence, machine intelligence, and the industry's best security validation ensures that Mandiant knows more about today's advanced threats than anyone. Responsibilities Develop roadmaps and recommendations to drive client enhancements of their cloud security architecture, governance, and standards. Identify, incorporate, and articulate cloud security best practices such as DevSecOps strategy, Zero Trust design, and cloud incident response. Perform security configuration reviews for common cloud-based Software-as-a-Service (SaaS) platforms. Assess security operations and incident response team capabilities and provide recommendations for improvement . Participate in client workshops and develop reports. Google is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. See also Google's EEO Policy and EEO is the Law. If you have a disability or special need that requires accommodation, please let us know by completing our Accommodations for Applicants form .

Company Name: Cyderes
Job Title: Principal Security Analyst
Job Description: Cyderes (Cyber Defense and Response) is a pure-play, full life-cycle cybersecurity services provider with award-winning managed security services, identity and access management, and professional services designed to manage the cybersecurity risks of enterprise clients. We specialize in multi-technology, complex environments with the in speed and agility needed to tackle the most advanced cyber threats. We leverage our global scale and decades of experience to accelerate our clients’ cyber outcomes through a full lifecycle of cybersecurity services. We are a global company with operating centers in the United States, Canada, the United Kingdom, and India. About the Role: The Managed Services Principal Security Analyst Is a Customer-Facing Role Focused on Delivering Security Solutions and Exceptional Client Experiences. As A Trusted Advisor, The Principal Security Analyst Is Responsible for Strategic Advisory, Advanced Analysis, And Custom Security Content for Cyderes’ Managed Service Customers. This Role Requires Consistent Representation of The Cyderes Brand Through Effective Collaboration and Positive Engagement with Internal Teams and Clients. Responsibilities: Own security outcomes for assigned customers, ensuring high-quality SOC deliverables and alignment with client expectations Lead customer-facing calls to discuss incident investigations, provide strategic guidance, and offer recommendations for improving security posture Perform advanced threat hunting and proactive investigations to detect, isolate, and mitigate malicious activities in customer environments Act as a technical lead within the SOC, providing mentorship, guidance, and leadership to other Security Analysts Oversee real-time monitoring and detection activities using SIEM, EDR, and other security tools, ensuring timely identification and escalation of threats Collaborate with internal teams, such as Detection Engineering, to refine detection rules and enhance automation workflows to close gaps in customer security posture Maintain and update security operations processes and incident response playbooks to ensure they remain current and effective Provide training to Security Analysts on tools, processes, and emerging threats to enhance team capabilities Lead post-incident reviews, identifying lessons learned, and sharing findings to improve operational effectiveness Tailor detection and response strategies to meet the unique needs of individual customer environments Stay informed of the evolving threat landscape to provide actionable insights and ensure a proactive approach to security operations Requirements: Experience: Minimum 5+ years of professional experience in cybersecurity, with a strong background in security operations System Administration Knowledge/Experience: Expertise securing and investigating security incidents on Windows, Unix/Linux, and MacOS environments Networking Proficiency: Advanced understanding of networking concepts, including the ability to analyze network artifacts and logs effectively Endpoint Detection and Response (EDR): Hands-on experience with EDR tools such as SentinelOne, CrowdStrike, Microsoft Defender, or equivalent platforms Security Information and Event Management (SIEM): Advanced knowledge and experience with at least one SIEM platform, such as Microsoft Sentinel, Splunk, Google Chronicle, or IBM QRadar Technical Skills: Proficient in threat hunting, malware analysis, and leveraging security tools to investigate and mitigate threats Communication: Strong written and verbal communication skills, with the ability to create and present reports, dashboards, and strategic recommendations Certifications (Preferred): Industry-recognized certifications such as CISSP, GCIH, GCFA, OSCP, or equivalent Cyderes is an Equal Opportunity Employer (EOE). Qualified applicants are considered for employment without regard to race, religion, color, sex, age, disability, sexual orientation, genetic information, national origin, or veteran status. Note: This job posting is intended for direct applicants only. We request that outside recruiters do not contact us regarding this position.

Company Name: KDR Talent Solutions
Job Title: Head of Cyber Security
Job Description: Head of Cyber Security Location: Isle of Man | Salary: £80,000-£100,000 | Reporting to: CIO We're proud to have partnered with high-growth fintech business that is looking for a hands-on and strategic Head of Cyber Security to lead its cyber defence efforts across infrastructure, cloud, endpoints, and digital platforms. This role offers a pathway to CISO, depending on experience and performance. As the Head of Cyber Security you will be the only person solely focused on Cyber Security and will report into the CIO. This is a fantastic opportunity for you to put a real stamp on something and have a massive impact, leading to an opportunity to grow a team and have career path to a CISO role. Key Responsibilities: Define and deliver the cyber security strategy aligned with business and regulatory needs Lead risk management, governance, and compliance (PCI DSS v4, ISO 27001, SWIFT CSCF preferred) Oversee incident response, threat intelligence, and business continuity planning Drive infrastructure, cloud, and endpoint security across AWS, Azure, GCP Manage vulnerability testing, red teaming, SOC and EDR functions Foster a strong security culture through training, awareness, and internal collaboration Advise senior leadership and manage third-party security risk What We're Looking For: 5+ years in senior cyber security roles, with leadership experience Deep technical knowledge across cloud, network, and application security Strong understanding of DevSecOps, SIEM, IAM, and zero-trust frameworks Proven ability to communicate security priorities to technical and non-technical audiences Experience in highly regulated environments with knowledge of GDPR, NIST, SOC 2 This role is a hybrid role based out of our client's office in the Isle of Man, if you're not based currently in the Isle of Man but in the wider UK, you must be prepared to relocate, with financial support from our client. If the above sounds like your next challenge then click that apply button now.