Cpl Life Sciences

Information Security Compliance Analyst

Hybrid

Hertfordshire, United Kingdom

Freelance

09-04-2025

Job Specifications

Information Security Compliance Analyst
12 Month Fixed Term Contract
Salary: Negotiable
Hybrid - Hertfordshire

As an Information Security Compliance Analyst, you will support the development and maintenance of the EMEA-wide information security management system in accordance with Global EIT strategy, EMEA business requirements and relevant information security legislation, including NIS 2, AI Act and GDPR.
You will ensure the continued certification of the EIT ISO 27001:2022 management system and adherence by the EMEA EIT department to all relevant legislation and regulations, including but not limited to Health and Safety, Financial and Privacy laws.

Main duties/responsibilities:

Conduct information security, information system, and compliance-based risk assessments, evaluate responses and recommend risk treatment actions
Develop and execute risk mitigation plans in conjunction with relevant internal and external stakeholders/groups and to agreed timescales, following through to completion
Support the creation, implementation and maintenance of information security policies and standards, in accordance with ISO 27001 and other relevant frameworks and standards (NIST CSF, IEC 62443, CIS, GDPR etc.)
Maintain the department’s information security procedures, including but not limited to information security incident response and business continuity management, conducting tabletop exercises to evaluate effectiveness.
Manage the information security awareness training program to ensure all employees develop and maintain an awareness about and comply with all applicable information security policies, procedures, laws, and regulations.
Provide information security advice and guidance for EMEA business activities and projects
Manage information security programs to ensure the company meets its compliance requirements
Monitor, analyse and report on information security-based management metrics.
Perform comprehensive third-party information security due diligence assessments in a timely manner, report on results, recommend remediation activities and work with the legal team to ensure contractual obligations include security clauses as relevant
Support information security and compliance audits conducted in the department

Qualifications and Experience required:

Degree level qualified or equivalent - highly desirable.
CISM and / or CRISC or other relevant certification is highly desirable
ISO 27001:2022 Lead Implementer / Auditor certification is essential.
Demonstrable experience in an Information Security, IT Governance, Risk and Compliance based role, including maintaining and continually improving an ISO 27001 compliant management system.
Extensive experience of information security management and/or security awareness.
In-depth expert knowledge of industry standard frameworks and best practices – ISO 27001:2022, ISO 27002:2022, ISO 27005, ISO 31000, NIST and their practical application in a corporate environment to ensure all elements of integrity, availability and confidentiality are adhered to.
Extensive experience conducting information security risk assessments, reporting risks
Experience of developing, implementing, managing, and maintaining Information Security policies, controls, standards, guidance, processes & procedures, and auditing compliance.
Experience of developing, implementing, managing, and maintaining risk management framework, policies, processes, and procedures.
Knowledge & experience of developing and performing information security due diligence and risk assessments of third-party organisations based on IT control frameworks such as ISO 27001 and ISO 31000.
Practical experience of conducting gap analysis, testing information security processes, procedures, plans and leading audits to achieve compliance with Information Security standards.
Practical experience of establishing and maintaining data classification standards within a corporate environment.
Experience of project managing Information Security, Data Protection & Compliance initiatives.
Experience in developing and executing an Information Security awareness training across multi-business units.
Experience with ensuring corporate compliance with UK/EMEA data protection legislation such as DPA and GDPR.
Good knowledge of a broad range of IT technology platforms, products, services.
Stakeholder management experience at both a technical and non-technical level, up to Executive level.
Excellent Business/customer facing experience

If you are interested please apply or send your CV to luke.sandilands@cpl.com

About the Company

At Cpl UK Life Sciences, we're experts at connecting talented professionals with the most ambitious companies in the industry. With excellent local knowledge of markets across the UK, Switzerland, and the USA, you can trust us to help with all your life science recruitment. We cover: UK, Switzerland + Europe, USA. From big pharma, CROs to small biotech start ups, we can deliver the total talent solutions you need: Permanent, Contract/temporary, FSP, Embedded (multi-hire), Executive Search. Our team has an acut...

Related Jobs

Company Name
Eames Consulting
Job Title
Information Security Consultant - AI
Job Description
IT Security Transformation Consultant – 6-Month Contract Hybrid (50% onsite at Canary Wharf) £550 per day Outside IR35 Join a fast-paced IT Security team driving the Bank’s Cybersecurity Resilience Programme. We’re looking for an experienced Security Transformation Consultant to lead and support security initiatives that strengthen our cyber posture across tech, risk, procurement, and business operations. Key Responsibilities Own & drive small-to-mid-sized cybersecurity projects; support delivery on larger technical initiatives. Act as the bridge between business and security, aligning technical solutions with regulatory and operational needs. Perform risk-based analysis, translate business requirements into security actions, and guide GRC and compliance efforts. Provide consulting expertise across frameworks (NIST CSF, ISO 27001, CIS, CSA CCM) and modern security practices. Must-Have Requirements 5+ years in IT security consulting or project delivery. Strong understanding of cybersecurity frameworks, GRC processes, and secure SDLC/DevSecOps. Proven experience managing complex, global security initiatives and engaging with senior stakeholders. Excellent communication skills with the ability to translate technical concepts for non-technical audiences. Familiarity with SOC, incident response, DR/BCP, and vulnerability management.
London, United Kingdom
Hybrid
Freelance
07-05-2025
Company Name
The Engineer UK
Job Title
Fire & Security Systems Engineer
Job Description
About The Job Job Title: Fire & Security Systems Engineer Location: Liverpool Salary: Starting salary of £30,000 to £35,000 (dependent on experience) plus bonus with potential OTE of £60,000+ Job type: Full time - Permanent Are you passionate about safety and security? Do you thrive in a dynamic environment where your expertise can make a real difference? Look no further! We are seeking dedicated professionals to join our client's family-run business, a leading independent fire and security solutions provider. About Us With over 30 years of experience, Jackson Fire & Security specialises in comprehensive fire and security solutions. Our services include supplying, installing, commissioning, and maintaining fire extinguishers, fire alarms, emergency lighting, access control systems, intruder alarms, and CCTV. As an NSI Gold-accredited company for both Fire and Security, we take pride in our commitment to excellence. Role Overview As an Engineer, you will assist in the installation and maintenance of fire and security equipment and expand your knowledge on different systems. Your workdays will be dynamic and diverse. One day, you might be installing fire extinguishers, while the next, you will be servicing a large commercial fire or intruder alarm system. Regardless of the task, one constant remains: you will always represent the business and recognise the importance of delivering exceptional customer service. Variety: No two days are the same. You will tackle exciting challenges and contribute to safety. Impact: Beyond fixing systems, you will safeguard lives and property. Community: Join our close-knit team and make a difference in your local area.
The Important Bit - The Package Starting salary of £30,000 to £35,000 (dependent on experience) plus bonus with potential OTE of £60,000+ All work in local area Up to 25 Days Annual Leave plus Bank Holidays Additional day off for your birthday Continuous ongoing training opportunities with direct access to training centre and support from the National Training Manager Opportunities to progress within the organisation Company pension Company van, laptop, tablet, mobile phone, and uniform Regular team building days/nights out Quarterly recognition awards for outstanding performance Permanent contract, working locally Monday to Friday 8am to 5pm but with flexibility to suit. Opportunity to progress within the business across different departments or branches Requirements Experience in installing, maintaining, and fault-finding fire alarms, access control systems, intruder alarms and CCTV (further training will be available) Excellent interpersonal and communication skills Ability to manage own workload with minimal supervision Diligence and commitment to providing excellent customer service Full UK driving license Due to the nature of the business, successful applicants will be subject to Security Screening in accordance with BS7858 Why Choose Us? Local Impact: Our growing franchise network across the UK provides personalised service, ensuring safety and security in our communities. Expertise: Our engineers are BAFE registered, bringing top-tier skills to every project. Respected Reputation: Since our formation in 1991, we have steadily grown to become one of the most respected solutions-led companies in the field. More About The Company We are committed to promoting diversity and inclusion in the workplace. We believe that a diverse and inclusive workforce enhances our ability to meet the needs of clients and fosters a positive and collaborative work environment.
Applications are invited from individuals of all backgrounds, regardless of race, ethnicity, gender, sexual orientation, gender identity, age, religion, disability, or any other characteristic. Hiring decisions are based on merit, qualifications, and business needs. We strive to create an inclusive culture where all employees feel valued and respected. As an equal opportunities employer, we actively encourage candidates from underrepresented groups to apply. Please click on the APPLY button to send your CV for this role. Candidates with the relevant experience or job title of Fire Alarm Systems Engineer, Security Systems Engineer, Infrastructure Engineer, IT Infrastructure Systems Engineer, Technical Systems Engineer will also be considered for this role.
Liverpool, United Kingdom
On site
Freelance
08-05-2025
Company Name
Eames Consulting
Job Title
Information Security Consultant
Job Description
IT Security Transformation Consultant – Contract Duration: 6 Month Contract Location: Canary Wharf (Hybrid – 2 days onsite) £500 Per Day Outside IR35 Join a leading bank's Cybersecurity Resilience Programme About the Role: We're seeking an experienced IT Security Transformation Consultant to drive and support key cybersecurity initiatives. You'll work across IT Security, Risk, Procurement, and Business teams to deliver security projects that align with strategic goals and compliance requirements. Key Responsibilities: Lead small-to-mid-sized cybersecurity projects end-to-end. Support larger programmes run by security architects and technical leads. Bridge business and IT security, embedding security in processes and digital projects. Perform cybersecurity analysis, translating regulatory and business requirements into actionable tasks. Advise on frameworks such as NIST, ISO 27001, CIS Controls, CSA CCM. Support GRC activities, including risk assessments and compliance monitoring. Must-Have Experience & Skills: 5+ years in IT security consulting or transformation roles. Proven delivery of complex, multi-site security projects globally. Deep knowledge of security frameworks (NIST, ISO 27001, CIS, CSA CCM). Strong understanding of GRC processes, vulnerability management, incident response, and SOC. Familiarity with DevSecOps, secure SDLC, disaster recovery, and BCP. Excellent stakeholder management and communication skills. Experience navigating multicultural environments and cross-functional teams. Other Requirements: Must be able to work onsite in Canary Wharf 50% of the time. Able to produce documentation and provide a thorough handover at project completion.
London, United Kingdom
Hybrid
Freelance
07-05-2025
Company Name
Mphasis
Job Title
Security Engineer
Job Description
Job Title: Infrastructure Security Specialist / Security Architect Experience: 8-10 Years Location: Sheffield, UK – 2-3 Days in a week Day Rate: 480-500 GBP/Day Inside IR35 Key Skills: Commvault Expertise: Hands-on experience with Commvault software, including installation, configuration, backup & recovery, and performance tuning. Must have detailed IntelliSnap experience. Automation & API Proficiency: Strong experience with Commvault APIs and creating automation tools. Financial Institution Experience: Preferred experience in a regulated or change-controlled environment (e.g., financial institutions). Hyperscale-X: Experience with Commvault’s Hyperscale-X platform is a plus. Networking & Storage: Solid understanding of networking, storage solutions, and virtualization technologies. Problem-Solving: Excellent at troubleshooting and working under pressure. Collaboration: Strong communication and teamwork skills. Certifications: Relevant certifications are a plus. Preferred Skills: Scripting & Automation: Familiarity with Python, Ansible, Shell scripting, or other automation tools. Cloud: Experience with cloud platforms like OCI. Containers: Familiarity with Docker or Kubernetes.
Sheffield, United Kingdom
Hybrid
Freelance
08-05-2025