At a Glance
- Tasks: Help enhance cyber security maturity through governance, risk, and compliance activities.
- Company: AgileSource, a forward-thinking company focused on cybersecurity.
- Benefits: Competitive salary, flexible working, and opportunities for professional growth.
- Other info: Join a dynamic team and contribute to vital security initiatives.
- Why this job: Make a real impact in cybersecurity while collaborating with industry leaders.
- Qualifications: 3-5 years in information security, strong communication skills, and risk assessment experience.
The predicted salary is between 45000 - 55000 £ per year.
AgileSource are looking for a skilled Information Security Analyst to help deliver governance, risk, and compliance (GRC) services for a key client engagement. In this role, you'll collaborate with senior business stakeholders, technical teams, and security leaders to support the organisation in enhancing its cyber security maturity. You'll contribute to risk management practices, compliance activities, and broader security governance, while assisting with the implementation and upkeep of recognised industry frameworks and standards. This position suits a security professional who is comfortable working in a client-facing capacity and can offer practical, risk-based guidance to a variety of audiences.
Key Responsibilities
- Assist in delivering cybersecurity governance, risk, and compliance activities aligned to recognised frameworks such as ISO 27001, NIST Cybersecurity Framework, Cyber Essentials, and GovAssure.
- Perform information security risk assessments across business operations, projects, systems, and third-party providers.
- Maintain and update risk registers, monitor mitigation activities, and support ongoing cyber risk management efforts.
- Develop and maintain security documentation, including policies, standards, audit artefacts, assessment outputs, and senior-level reporting.
- Provide support during internal and external audits, control assessments, and compliance reviews.
- Engage with stakeholders across technical teams, programme delivery functions, and leadership to gather requirements, collect evidence, and support security initiatives.
- Contribute to supplier security assessments and third-party risk processes.
- Support the evolution of security governance frameworks, processes, and control environments.
- Help embed secure-by-design principles, data governance practices, and security standards across transformation, recovery, and operational initiatives.
- Participate in organisational security governance activities, including awareness, reporting, and risk communication.
Skills & Experience
Essential
- 3–5 years' experience in information security, cyber risk, IT audit, compliance, or related disciplines.
- Proven experience carrying out risk assessments and evaluating security controls.
- Solid understanding of governance, risk management, and compliance concepts.
- Working knowledge of ISO 27001 and information security management systems (ISMS).
- Familiarity with frameworks such as NIST CSF and Cyber Essentials.
- Experience contributing to audit or assurance engagements.
- Strong communication and stakeholder management skills.
- High standard of written documentation and reporting.
- Ability to translate technical security topics for non-technical audiences.
- Willingness to be onsite in London 2–3 days per week.
Desirable
- Experience within public sector, government, regulated industries, or large enterprise environments.
- Awareness of GovAssure and public sector security expectations.
- Exposure to cloud platforms such as Microsoft Azure and AWS.
- Use of GRC tools or risk management platforms.
- Understanding of security architecture or secure-by-design methodologies.
Certifications
The following certifications would be advantageous:
- ISO 27001 Lead Implementer or Lead Auditor
- CompTIA Security+
- CGRCCISACRISCCISSP (or Associate level)
GRC Information Security Analyst - FTC in London employer: Agilesource Ltd
AgileSource is an exceptional employer that prioritises employee growth and development within a collaborative and innovative work culture. Located in London, we offer a dynamic environment where skilled professionals can thrive, engage with senior stakeholders, and contribute to meaningful cybersecurity initiatives. Our commitment to work-life balance, alongside opportunities for professional advancement and the chance to work on impactful projects, makes us a standout choice for those seeking a rewarding career in information security.
StudySmarter Expert Advice🤫
We think this is how you could land GRC Information Security Analyst - FTC in London
✨Network Like a Pro
Get out there and connect with people in the industry! Attend meetups, webinars, or even just grab a coffee with someone who works in GRC. Building relationships can lead to job opportunities that aren't even advertised.
✨Show Off Your Skills
When you get the chance to chat with potential employers, don’t hold back! Share your experiences with risk assessments and compliance activities. Use real examples to demonstrate how you've contributed to security governance in past roles.
✨Tailor Your Approach
Every company is different, so make sure you tailor your conversations to their specific needs. Research the organisation's current security challenges and be ready to discuss how your skills can help them enhance their cyber security maturity.
✨Apply Through Our Website
Don’t forget to check out our website for the latest job openings! Applying directly through us not only shows your interest but also gives you a better chance of getting noticed by the hiring team.
We think you need these skills to ace GRC Information Security Analyst - FTC in London
Some tips for your application 🫡
Tailor Your CV:Make sure your CV speaks directly to the role of GRC Information Security Analyst. Highlight your experience with frameworks like ISO 27001 and NIST, and don’t forget to showcase your risk assessment skills!
Craft a Compelling Cover Letter:Your cover letter is your chance to shine! Use it to explain why you’re passionate about information security and how your background aligns with our needs. Keep it concise but impactful!
Showcase Your Communication Skills:Since this role involves engaging with various stakeholders, make sure to demonstrate your strong communication skills in your application. Use clear language and avoid jargon where possible to show you can translate complex topics for non-technical audiences.
Apply Through Our Website:We encourage you to apply through our website for a smoother process. It helps us keep track of your application and ensures you don’t miss out on any important updates from us!
How to prepare for a job interview at Agilesource Ltd
✨Know Your Frameworks
Make sure you brush up on the key frameworks mentioned in the job description, like ISO 27001 and NIST Cybersecurity Framework. Be ready to discuss how you've applied these in your previous roles, as this will show your practical understanding and relevance to the position.
✨Showcase Your Risk Assessment Skills
Prepare to talk about specific risk assessments you've conducted. Have examples ready that highlight your ability to evaluate security controls and manage risks effectively. This will demonstrate your hands-on experience and problem-solving skills.
✨Communicate Clearly
Since you'll be translating technical topics for non-technical audiences, practice explaining complex security concepts in simple terms. This will not only help you during the interview but also show your potential employer that you can engage with various stakeholders.
✨Engage with Stakeholders
Think of examples where you've successfully collaborated with different teams or stakeholders. Highlight your communication and stakeholder management skills, as these are crucial for the role. Being able to share how you gathered requirements and supported security initiatives will set you apart.
