Senior Security Analyst

Get AI-powered advice on this job and more exclusive features.This range is provided by La Fosse. Your actual pay will be based on your skills and experience — talk with your recruiter to learn more.Base pay range

Direct message the job poster from La FosseSenior Information Security Analyst – GRC / NISTFinancial Services Company | Guildford (Hybrid, 2 days/week) | up to £70,000 + Bonus + BenefitsA well-established financial services organisation is seeking an Senior Information Security Analyst to join its maturing InfoSec GRC function. This is a hands-on role focused on implementing the NIST Cyber Security Framework (CSF) and leading key security initiatives across the business.The successful candidate will report into the GRC Manager and work closely with senior leadership across multiple business units, helping to uplift overall security maturity and embed governance best practices.What You’ll Be Doing•

Leading day-to-day GRC initiatives aligned to the NIST CSF•

Designing and implementing controls, policies, and procedures in line with frameworks such as NIST, ISO 27001, PCI DSS, DORA, and Cyber Essentials•

Conducting risk and control assessments, identifying material gaps, and managing remediation•

Supporting compliance activities including internal security frameworks and regulatory obligations•

Working cross-functionally to integrate risk management into business-as-usual activity•

Producing risk reports, metrics, and dashboards using Excel and Power BI for governance forums•

Guiding junior members of the team and influencing stakeholders across a federated environmentWhat They’re Looking For•

4+ years of experience in information security, with a strong focus on governance, risk, and compliance•

Hands-on implementation experience with NIST CSF is essential•

Broad understanding of security frameworks such as ISO 27001, PCI DSS, DORA, and Cyber Essentials•

Strong data analysis and reporting skills, ideally using Excel and Power BI•

Experience working within regulated industries (e.g. financial services, insurance)•

Confident communicator who can operate independently and engage non-technical stakeholdersRelevant certifications such as CISSP, CISM, CRISC, or ISO 27001 Lead Implementer are highly desirable.Seniority level

Seniority level Mid-Senior levelEmployment type

Employment type Full-timeJob function

Job function Information TechnologyIndustries Staffing and RecruitingReferrals increase your chances of interviewing at La Fosse by 2xSign in to set job alerts for “Security Analyst” roles.

Guildford, England, United Kingdom 5 days agoGuildford, England, United Kingdom 4 days agoWe’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

#J-18808-Ljbffr