We’re supporting a leading UK not-for-profit organisation in strengthening its information security posture following a major digital transformation. They’re looking for an experienced Senior Information Security Analyst to provide immediate support across both technical security assurance and governance, risk, and compliance (GRC). This is a hands-on delivery role, ideal for someone who’s comfortable working autonomously, assessing risk, and providing clear, practical advice to technical and non-technical teams alike.
Key Responsibilities
- Security Governance & Risk
- Conduct risk assessments across systems, suppliers, and projects.
- Review and respond to security questionnaires and tenders.
- Support remediation activities and maintain the Information Security Risk Register.
- Contribute to maintaining compliance with ISO 27001, Cyber Essentials Plus, DSPT, and GDPR.
- Technical Security Oversight
- Review alerts, vulnerabilities, and incidents, providing risk-based recommendations.
- Validate configurations across the Microsoft security stack (M365, Azure, Defender, DLP, Conditional Access).
- Support vulnerability and patch management activities.
- Provide input to technical change reviews and post-incident analysis.
- Supplier Assurance
- Conduct third-party risk assessments for new and existing suppliers.
- Evaluate supplier evidence against internal standards and track high-risk findings.
- Collaborate with procurement and legal on security clauses and data protection obligations.
Skills & Experience
- 5+ years’ experience in Information Security, combining technical and GRC work.
- Strong understanding of cloud and endpoint security (Microsoft-based environments).
- Experience conducting risk assessments and reviewing supplier assurance evidence.
- Familiarity with ISO 27001, Cyber Essentials Plus, DSPT, GDPR, and NCSC guidance.
- Ability to interpret vulnerability reports and advise on remediation priorities.
- Excellent written communication and stakeholder engagement skills.
Desirable
- Certifications such as CISSP, CISM, CRISC, CEH, or Security+.
- Experience in public sector, healthcare, or charity settings.
- Familiarity with NCSC CAF and NHS DSPT frameworks.
Personal Attributes
- Pragmatic, calm, and delivery-focused.
- Strong integrity and attention to detail.
- Confident working independently and making risk-based decisions.
- Able to communicate clearly with senior stakeholders and technical teams alike.
If you’re an experienced Information Security Analyst who enjoys combining technical security insight with governance and assurance, this short-term remote contract offers an opportunity to make a meaningful impact.
Senior Information Security Analyst in Birmingham employer: Creatify
Join a leading UK not-for-profit organisation that values integrity and innovation, offering a collaborative work culture where your expertise in information security will directly contribute to enhancing their digital transformation efforts. With a focus on employee growth, this remote role provides the flexibility to work autonomously while making a meaningful impact in the public sector, supported by a commitment to compliance and best practices in information security.
StudySmarter Expert Advice🤫
We think this is how you could land Senior Information Security Analyst in Birmingham
✨Tip Number 1
Network like a pro! Reach out to your connections in the information security field and let them know you're on the lookout for opportunities. A friendly chat can lead to insider info about roles that might not even be advertised yet.
✨Tip Number 2
Prepare for those interviews by brushing up on your technical skills and GRC knowledge. Be ready to discuss real-world scenarios where you've assessed risks or handled incidents. We want to see you shine!
✨Tip Number 3
Don’t forget to showcase your soft skills! Being able to communicate complex security concepts to non-technical teams is key. Practice explaining your past experiences in a way that anyone can understand.
✨Tip Number 4
Apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, it shows you’re serious about joining the team and making an impact in the not-for-profit sector.
We think you need these skills to ace Senior Information Security Analyst in Birmingham
Some tips for your application 🫡
Tailor Your CV:Make sure your CV highlights your experience in both technical security and governance, risk, and compliance. We want to see how your skills align with the role, so don’t be shy about showcasing relevant projects or achievements!
Craft a Compelling Cover Letter:Your cover letter is your chance to shine! Use it to explain why you’re the perfect fit for this Senior Information Security Analyst role. We love seeing enthusiasm and a clear understanding of the organisation’s mission.
Showcase Your Communication Skills:Since this role involves engaging with both technical and non-technical teams, make sure your application reflects your ability to communicate complex ideas clearly. We appreciate candidates who can bridge the gap between different stakeholders!
Apply Through Our Website:We encourage you to apply directly through our website for a smoother process. It helps us keep track of applications and ensures you don’t miss out on any important updates from us!
How to prepare for a job interview at Creatify
✨Know Your Stuff
Make sure you brush up on your knowledge of ISO 27001, Cyber Essentials Plus, and GDPR. Be ready to discuss how you've applied these standards in your previous roles, especially in risk assessments and compliance.
✨Showcase Your Technical Skills
Prepare to talk about your experience with Microsoft security tools like M365 and Azure. Have specific examples ready where you validated configurations or managed vulnerabilities, as this will demonstrate your hands-on expertise.
✨Communicate Clearly
Since you'll be working with both technical and non-technical teams, practice explaining complex security concepts in simple terms. This will show that you can bridge the gap between different stakeholders effectively.
✨Be Ready for Scenario Questions
Expect questions that put you in real-world situations, like how you'd handle a security incident or assess a new supplier's risk. Think through your thought process and decision-making criteria beforehand to impress the interviewers.
