At a Glance
- Tasks: Help enhance cyber security maturity through governance, risk, and compliance activities.
- Company: AgileSource, a forward-thinking company focused on cybersecurity.
- Benefits: Competitive salary, professional development, and flexible working arrangements.
- Other info: Opportunity to work onsite in London 2–3 days a week.
- Why this job: Make a real impact in cybersecurity while collaborating with industry leaders.
- Qualifications: 3–5 years in information security, strong communication skills, and risk assessment experience.
The predicted salary is between 50000 - 60000 £ per year.
AgileSource are looking for a skilled Information Security Analyst to help deliver governance, risk, and compliance (GRC) services for a key client engagement. In this role, you’ll collaborate with senior business stakeholders, technical teams, and security leaders to support the organisation in enhancing its cyber security maturity. You’ll contribute to risk management practices, compliance activities, and broader security governance, while assisting with the implementation and upkeep of recognised industry frameworks and standards.
This position suits a security professional who is comfortable working in a client-facing capacity and can offer practical, risk-based guidance to a variety of audiences.
Key Responsibilities- Assist in delivering cybersecurity governance, risk, and compliance activities aligned to recognised frameworks such as ISO 27001, NIST Cybersecurity Framework, Cyber Essentials, and GovAssure.
- Perform information security risk assessments across business operations, projects, systems, and third-party providers.
- Maintain and update risk registers, monitor mitigation activities, and support ongoing cyber risk management efforts.
- Develop and maintain security documentation, including policies, standards, audit artefacts, assessment outputs, and senior-level reporting.
- Provide support during internal and external audits, control assessments, and compliance reviews.
- Engage with stakeholders across technical teams, programme delivery functions, and leadership to gather requirements, collect evidence, and support security initiatives.
- Contribute to supplier security assessments and third-party risk processes.
- Support the evolution of security governance frameworks, processes, and control environments.
- Help embed secure-by-design principles, data governance practices, and security standards across transformation, recovery, and operational initiatives.
- Participate in organisational security governance activities, including awareness, reporting, and risk communication.
- 3–5 years’ experience in information security, cyber risk, IT audit, compliance, or related disciplines.
- Proven experience carrying out risk assessments and evaluating security controls.
- Solid understanding of governance, risk management, and compliance concepts.
- Working knowledge of ISO 27001 and information security management systems (ISMS).
- Familiarity with frameworks such as NIST CSF and Cyber Essentials.
- Experience contributing to audit or assurance engagements.
- Strong communication and stakeholder management skills.
- High standard of written documentation and reporting.
- Ability to translate technical security topics for non-technical audiences.
- Willingness to be onsite in London 2–3 days per week.
- Experience within public sector, government, regulated industries, or large enterprise environments.
- Awareness of GovAssure and public sector security expectations.
- Exposure to cloud platforms such as Microsoft Azure and AWS.
- Use of GRC tools or risk management platforms.
- Understanding of security architecture or secure-by-design methodologies.
The following certifications would be advantageous:
- ISO 27001 Lead Implementer or Lead Auditor
- CompTIA Security+
- CGRCCISACRISCCISSP (or Associate level)
GRC Information Security Analyst - FTC in Slough employer: Agilesource Ltd
AgileSource is an exceptional employer that prioritises employee growth and development within a collaborative and innovative work culture. Located in London, we offer a dynamic environment where skilled professionals can thrive, engage with senior stakeholders, and contribute to meaningful cybersecurity initiatives while enjoying the benefits of flexible working arrangements and a commitment to professional advancement.
StudySmarter Expert Advice🤫
We think this is how you could land GRC Information Security Analyst - FTC in Slough
✨Tip Number 1
Network like a pro! Get out there and connect with folks in the industry. Attend meetups, webinars, or even local events. The more people you know, the better your chances of landing that GRC Information Security Analyst role.
✨Tip Number 2
Show off your skills! Create a portfolio or a personal website where you can showcase your experience with risk assessments and compliance frameworks. This is a great way to demonstrate your expertise beyond just a CV.
✨Tip Number 3
Prepare for interviews by brushing up on your communication skills. You’ll need to explain complex security concepts to non-technical stakeholders, so practice translating those technical terms into everyday language.
✨Tip Number 4
Don’t forget to apply through our website! We’ve got loads of opportunities, and applying directly can sometimes give you an edge. Plus, it’s super easy to keep track of your applications that way!
We think you need these skills to ace GRC Information Security Analyst - FTC in Slough
Some tips for your application 🫡
Tailor Your CV:Make sure your CV speaks directly to the role of GRC Information Security Analyst. Highlight your experience with frameworks like ISO 27001 and NIST, and don’t forget to showcase your risk assessment skills!
Craft a Compelling Cover Letter:Your cover letter is your chance to shine! Use it to explain why you’re passionate about information security and how your background aligns with our needs. Keep it concise but impactful!
Showcase Your Communication Skills:Since this role involves engaging with various stakeholders, make sure your written application reflects your ability to communicate complex security topics clearly. We want to see that you can translate technical jargon into plain English!
Apply Through Our Website:We encourage you to apply through our website for a smoother process. It’s the best way for us to receive your application and get you in front of the right people quickly!
How to prepare for a job interview at Agilesource Ltd
✨Know Your Frameworks
Make sure you brush up on the key frameworks mentioned in the job description, like ISO 27001 and NIST Cybersecurity Framework. Being able to discuss these frameworks confidently will show that you understand the core of what the role entails.
✨Prepare Real-World Examples
Think of specific instances where you've conducted risk assessments or contributed to compliance activities. Having concrete examples ready will help you demonstrate your experience and how it aligns with the responsibilities of the role.
✨Engage with Stakeholders
Since this role involves collaboration with various stakeholders, be prepared to discuss how you've effectively communicated technical security topics to non-technical audiences. This will highlight your strong communication skills, which are essential for the position.
✨Show Your Passion for Security
Express your enthusiasm for information security and staying updated on industry trends. Mention any relevant certifications or ongoing learning initiatives, as this shows your commitment to professional growth and the field itself.
