Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Manage security questionnaires and conduct vendor risk assessments to ensure compliance.
- Company: Join a leading software company transforming the construction industry with innovative digital solutions.
- Benefits: Enjoy a competitive salary, flexible working, private medical insurance, and generous leave.
- Why this job: Be part of a mission-driven team focused on security and continuous improvement in a global setting.
- Qualifications: 3+ years in Information Security with strong communication skills and knowledge of compliance frameworks.
- Other info: Opportunity for career development and training in a supportive environment.
IT Security Analyst
Location: Hybrid – Buckinghamshire
Salary: 50,000 – 55,000 + Benefits
83zero are partnered with a market-leading software company who are on a mission to transform the construction and related industries through their end-to-end digital solutions. With teams across the UK, Europe, USA and India, they are delivering large-scale transformation projects on a global scale and are continuing to expand.
We are now looking for a highly organised and detail-driven IT Security Analyst to join their growing security function. This role plays a key part in securing customer trust and supplier integrity, ensuring compliance with recognised frameworks, and supporting wider security initiatives.
The Role
- Own and manage responses to customer security questionnaires (SIG, CAIQ, bespoke).
- Work cross-functionally with Legal, Compliance, Procurement, Product and Security teams.
- Maintain the security assurance matrix in line with ISO 27001, Cyber Essentials, and SOC 2.
- Act as the key point of contact for security assurance queries.
- Conduct vendor risk assessments against ISO 27001, NIST, and CIS Controls.
- Manage the third-party due diligence programme, including onboarding and periodic reviews.
- Track and publish key security metrics such as risk severity, SLA adherence, and turnaround times.
- Provide audit artefacts and support internal/external audits.
- Contribute to broader security initiatives and continuous improvement within the organisation.
About You
- 3+ years\’ experience in Information Security, GRC, or Vendor Risk Management.
- Strong experience issuing or responding to security questionnaires.
- Knowledge of ISO 27001 Annex A, SOC 2, and GDPR/CCPA.
- Excellent communication skills, able to translate technical risk to non-technical stakeholders.
- Eligible to work in the UK and able to pass background checks.
Desirable:
- Certifications such as CRISC, CISSP, CISA, or ISO 27001 Lead Auditor.
- Familiarity with SaaS/cloud platforms (AWS, Azure, GCP).
- Understanding of secure software supply chains (SBOM, SLSA).
What\’s on Offer
- 50,000 – 55,000 base salary
- 25 days annual leave + public holidays (increasing with service)
- Matched pension scheme
- Private medical insurance & life assurance
- Fitness allowance
- Paid study leave & volunteering days
- Flexible hybrid working
- Excellent career development and training opportunities
IT Security Analyst employer: 83zero Ltd
Contact Detail:
83zero Ltd Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land IT Security Analyst
✨Tip Number 1
Familiarise yourself with the specific compliance frameworks mentioned in the job description, such as ISO 27001 and SOC 2. Understanding these standards will not only help you in interviews but also demonstrate your commitment to the role.
✨Tip Number 2
Network with professionals in the IT security field, especially those who have experience in vendor risk management. Engaging with industry peers can provide insights into best practices and may even lead to referrals for the position.
✨Tip Number 3
Prepare to discuss real-world scenarios where you've managed security questionnaires or conducted vendor risk assessments. Having concrete examples ready will showcase your hands-on experience and problem-solving skills.
✨Tip Number 4
Stay updated on the latest trends and threats in IT security, particularly those affecting the construction industry. Being knowledgeable about current challenges will allow you to engage in meaningful conversations during interviews.
We think you need these skills to ace IT Security Analyst
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights relevant experience in Information Security, GRC, or Vendor Risk Management. Emphasise your familiarity with ISO 27001, SOC 2, and any certifications you hold.
Craft a Compelling Cover Letter: Write a cover letter that showcases your communication skills and ability to translate technical risks to non-technical stakeholders. Mention specific examples of how you've managed security questionnaires or conducted vendor risk assessments.
Highlight Relevant Skills: In your application, clearly outline your experience with security frameworks like ISO 27001 and Cyber Essentials. Include any knowledge of SaaS/cloud platforms and secure software supply chains, as these are desirable for the role.
Proofread Your Application: Before submitting, carefully proofread your application for any spelling or grammatical errors. A polished application reflects your attention to detail, which is crucial for an IT Security Analyst.
How to prepare for a job interview at 83zero Ltd
✨Know Your Frameworks
Familiarise yourself with ISO 27001, Cyber Essentials, and SOC 2. Be prepared to discuss how these frameworks apply to the role and your previous experience in managing security compliance.
✨Showcase Your Communication Skills
As the role requires translating technical risks to non-technical stakeholders, practice explaining complex security concepts in simple terms. This will demonstrate your ability to communicate effectively across different teams.
✨Prepare for Security Questionnaires
Since you'll be managing responses to customer security questionnaires, review common questions and think about how you would respond. Highlight any past experiences where you've successfully handled similar tasks.
✨Highlight Your Vendor Risk Management Experience
Be ready to discuss your experience with vendor risk assessments and due diligence programmes. Provide examples of how you've managed third-party risks and contributed to security initiatives in previous roles.
