At a Glance
- Tasks: Lead GRC initiatives and implement security frameworks like NIST and ISO 27001.
- Company: Join a well-established financial services organisation in Guildford, offering hybrid work.
- Benefits: Enjoy a competitive salary up to £70,000 plus bonuses and benefits.
- Why this job: Make a real impact on security maturity while working with senior leadership.
- Qualifications: 4+ years in information security with hands-on NIST CSF experience required.
- Other info: Ideal for confident communicators who thrive in regulated industries.
The predicted salary is between £42,000 and £84,000 per year.
Senior Security Analyst
This range is provided by La Fosse. Your actual pay will be based on your skills and experience — talk with your recruiter to learn more.
Senior Information Security Analyst – GRC / NIST
Financial Services Company | Guildford (Hybrid, 2 days/week) | up to £70,000 + Bonus + Benefits
A well-established financial services organisation is seeking a Senior Information Security Analyst to join its maturing InfoSec GRC function. This is a hands-on role focused on implementing the NIST Cyber Security Framework (CSF) and leading key security initiatives across the business.
The successful candidate will report into the GRC Manager and work closely with senior leadership across multiple business units, helping to uplift overall security maturity and embed governance best practices.
What You’ll Be Doing
• Leading day-to-day GRC initiatives aligned to the NIST CSF
• Designing and implementing controls, policies, and procedures in line with frameworks such as NIST, ISO 27001, PCI DSS, DORA, and Cyber Essentials
• Conducting risk and control assessments, identifying material gaps, and managing remediation
• Supporting compliance activities including internal security frameworks and regulatory obligations
• Working cross-functionally to integrate risk management into business-as-usual activity
• Producing risk reports, metrics, and dashboards using Excel and Power BI for governance forums
• Guiding junior members of the team and influencing stakeholders across a federated environment
What They’re Looking For
• 4+ years of experience in information security, with a strong focus on governance, risk, and compliance
• Hands-on implementation experience with NIST CSF is essential
• Broad understanding of security frameworks such as ISO 27001, PCI DSS, DORA, and Cyber Essentials
• Strong data analysis and reporting skills, ideally using Excel and Power BI
• Experience working within regulated industries (e.g. financial services, insurance)
• Confident communicator who can operate independently and engage non-technical stakeholders
Relevant certifications such as CISSP, CISM, CRISC, or ISO 27001 Lead Implementer are highly desirable.
Seniority level: Mid-Senior level
Employment type: Full-time
Job function: Information Technology
Industries: Staffing and Recruiting
Senior Security Analyst employer: La Fosse
Contact Detail:
La Fosse Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Senior Security Analyst
✨Tip Number 1
Familiarise yourself with the NIST Cyber Security Framework (CSF) and be prepared to discuss your hands-on experience with it. Highlight specific projects where you've implemented NIST CSF controls, as this will demonstrate your practical knowledge and suitability for the role.
✨Tip Number 2
Brush up on your understanding of other security frameworks like ISO 27001, PCI DSS, and DORA. Be ready to explain how these frameworks relate to the NIST CSF and how you’ve applied them in previous roles, as this will show your comprehensive grasp of governance, risk, and compliance.
✨Tip Number 3
Prepare to discuss your data analysis skills, particularly with Excel and Power BI. Think of examples where you've produced risk reports or dashboards, as showcasing your ability to communicate complex data effectively will be crucial in this role.
✨Tip Number 4
Since the role involves working with non-technical stakeholders, practice articulating technical concepts in simple terms. Being able to influence and engage with various teams is key, so consider scenarios where you've successfully communicated security initiatives to a diverse audience.
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights your experience in information security, particularly focusing on governance, risk, and compliance. Emphasise your hands-on implementation of the NIST Cyber Security Framework and any relevant certifications you hold.
Craft a Compelling Cover Letter: Write a cover letter that showcases your understanding of the role and the company. Mention specific experiences that align with the job description, such as leading GRC initiatives or working with security frameworks like ISO 27001 and PCI DSS.
Highlight Relevant Skills: In your application, clearly outline your data analysis and reporting skills, especially with tools like Excel and Power BI. Provide examples of how you've used these skills to produce risk reports or dashboards in previous roles.
Showcase Communication Abilities: Since the role requires engaging with non-technical stakeholders, include examples in your application that demonstrate your ability to communicate complex security concepts clearly and effectively.
How to prepare for a job interview at La Fosse
✨Showcase Your NIST CSF Knowledge
Make sure to highlight your hands-on experience with the NIST Cyber Security Framework during the interview. Be prepared to discuss specific projects where you implemented NIST controls and how they improved security maturity within your previous roles.
✨Demonstrate Data Analysis Skills
Since the role requires strong data analysis and reporting skills, be ready to talk about your experience using Excel and Power BI. Bring examples of risk reports or dashboards you've created, and explain how they contributed to governance forums or decision-making processes.
✨Prepare for Scenario-Based Questions
Expect scenario-based questions that assess your problem-solving abilities in GRC initiatives. Think of situations where you identified material gaps in security and how you managed remediation efforts. This will show your practical understanding of risk management.
✨Engage Non-Technical Stakeholders
As a Senior Security Analyst, you'll need to communicate effectively with non-technical stakeholders. Prepare examples of how you've successfully influenced and guided teams in a federated environment, ensuring everyone understands the importance of security governance.