At a Glance
- Tasks: Support information security governance, compliance, and awareness while collaborating with a dynamic CISO team.
- Company: Join a leading firm dedicated to innovative security solutions and professional growth.
- Benefits: Enjoy hybrid working, competitive salary, pension plan, private medical insurance, and generous annual leave.
- Other info: Flexible work environment with opportunities for volunteering and personal development.
- Why this job: Kickstart your career in information security with hands-on experience and mentorship from industry experts.
- Qualifications: Degree-level education or equivalent; interest in security qualifications is a plus.
The predicted salary is between 30000 - 40000 € per year.
The Information Security Analyst is a broad and varied role within the firm's CISO function, offering structured exposure across information security governance, regulatory compliance, security awareness and operational support. Working closely with members of the CISO team, the role holder will contribute to a wide range of security activities — including security operations, regulatory framework compliance (ISO 27001, DORA, NYDFS), vendor risk management, security awareness programmes and governance reporting. The role provides direct involvement in how the firm manages its security obligations and responds to an evolving regulatory and threat landscape. The position is designed as a strong foundation for a career in information security, with visibility across the full CISO service catalogue and the opportunity to develop expertise across multiple security disciplines. The role holder will be supported by experienced practitioners across governance, risk, cloud security and security engineering.
Role Responsibilities
- Governance & Reporting
- Administer ISGF and ORC meeting logistics including preparing agendas, collating papers, recording minutes and tracking actions to completion.
- Maintain the CISO organisational RACI, ensuring it is kept current as team structure and responsibilities evolve.
- Compile and distribute the master CISO security reporting pack, collating inputs from all service areas into a consistent, accurate and timely governance view.
- Maintain and update technology roadmap tracking documents, collating status updates and producing progress summaries for review.
- Support preparation of Board, ExCo and governance forum presentations and papers.
- Policies, Standards & Compliance
- Manage the security policies and standards library, tracking review schedules, chasing approvals and maintaining version control.
- Maintain the ISO 27001 evidence library, coordinating evidence collection cycles and supporting internal and external audit preparation.
- Administer DORA compliance tracking, gathering evidence, maintaining registers and flagging gaps for senior review.
- Support NYDFS Part 500 compliance activities including maintaining evidence packs and tracking annual certification requirements.
- Own Cyber Essentials and SWIFT CSP evidence gathering and submission processes.
- Administer the Risk & Controls Register within Vanta and RiskConnect, keeping control status and evidence current.
- Support Financial Audit and Internal Audit activities through evidence provision, scheduling and action tracking.
- Security Awareness
- Administer the annual mandatory security training programme, tracking completion rates, chasing non‑completions and producing completion reports.
- Execute phishing simulation campaigns, analysing results, producing reports and coordinating follow‑up training for at‑risk users.
- Own the security awareness communications calendar, producing and distributing content for firm‑wide awareness campaigns.
- Coordinate Executive & Board training logistics, scheduling and record‑keeping.
- Coordinate specialist security training activities, managing scheduling, attendance tracking and training records.
- Vendor Risk Administration
- Administer vendor onboarding activities, running security questionnaire processes, tracking responses and maintaining the vendor register.
- Support vendor annual review cycles, coordinating evidence collection, scheduling review meetings and updating vendor risk records.
- Operations Support
- Assist the Operational Security Engineer with routine security operations tasks including ticket handling, tool administration and evidence gathering.
- Contribute to automation of routine tasks, helping to identify, document and test repeatable processes suitable for scripting or workflow tooling.
Qualifications
- Degree‑level education or equivalent; a subject with an information security, technology or analytical component is beneficial but not required.
- An interest in pursuing professional security qualifications (e.g. CompTIA Security+, CISMP, BCS Information Security) is expected.
Experience
- 0–2 years of professional experience; prior exposure to an information security, compliance, risk or technology environment is advantageous but not essential.
- Strong organisational skills with the ability to manage multiple parallel tasks, track deadlines and maintain accurate records.
- Proficient in Microsoft 365 (Word, Excel, PowerPoint, SharePoint); familiarity with security or GRC tooling such as Vanta or RiskConnect is a plus.
- Clear written communication skills, with the ability to produce well‑structured reports and documentation.
- Attentive to detail with a methodical approach to evidence gathering, record‑keeping and process execution.
- Genuine interest in information security as a career, with a desire to grow within the CISO function over time.
Additional Information
- Hybrid working (3 days in office)
- Contributory personal pension plan: - Minimum: Employee 2% and Employer 7%. Employer matches contributions in 1% increments to a maximum of: Employee 5% and Employer 10%
- Life Assurance – 4 times annual salary
- Group Income Protection
- Private Medical Insurance – this may include cover for partner and or children at company cost. Cover includes Optical, Dental and Audiology
- Discretionary Bonus
- Competitive Annual Leave
- 2 Volunteering Days
- Benefit Hub
Information Security Analyst employer: Crown Agents Bank
As an Information Security Analyst at our firm, you will be part of a dynamic CISO team that fosters a collaborative and supportive work culture, providing you with the opportunity to develop your skills across various security disciplines. With a strong emphasis on employee growth, we offer structured training, mentorship from experienced practitioners, and a hybrid working model that promotes work-life balance. Our comprehensive benefits package, including a contributory pension plan, private medical insurance, and generous annual leave, makes us an excellent employer for those seeking a meaningful career in information security.
StudySmarter Expert Advice🤫
We think this is how you could land Information Security Analyst
✨Tip Number 1
Network like a pro! Reach out to folks in the information security field on LinkedIn or at industry events. A friendly chat can open doors and give you insights that job descriptions just can't.
✨Tip Number 2
Prepare for interviews by brushing up on your knowledge of ISO 27001, DORA, and NYDFS. We want to see you shine when discussing compliance and security frameworks, so do your homework!
✨Tip Number 3
Show off your organisational skills! Bring examples of how you've managed multiple tasks or projects in the past. This will demonstrate your ability to handle the varied responsibilities of an Information Security Analyst.
✨Tip Number 4
Don't forget to apply through our website! It’s the best way to ensure your application gets noticed. Plus, we love seeing candidates who are genuinely interested in joining our team.
We think you need these skills to ace Information Security Analyst
Some tips for your application 🫡
Tailor Your CV:Make sure your CV is tailored to the Information Security Analyst role. Highlight any relevant experience or skills that align with the job description, especially in areas like compliance and security operations.
Craft a Compelling Cover Letter:Your cover letter is your chance to shine! Use it to explain why you're passionate about information security and how your background makes you a great fit for our team. Keep it concise but impactful!
Show Off Your Skills:Don’t forget to showcase your organisational skills and attention to detail in your application. Mention any tools or software you’re familiar with, like Microsoft 365 or GRC tooling, as these are super relevant to the role.
Apply Through Our Website:We encourage you to apply through our website for the best chance of getting noticed. It’s straightforward and ensures your application goes directly to us, so we can review it promptly!
How to prepare for a job interview at Crown Agents Bank
✨Know Your Security Frameworks
Familiarise yourself with key security frameworks like ISO 27001, DORA, and NYDFS. Be ready to discuss how these frameworks apply to the role and demonstrate your understanding of compliance requirements.
✨Showcase Your Organisational Skills
Prepare examples that highlight your ability to manage multiple tasks and track deadlines. Discuss any experience you have with documentation or record-keeping, as this is crucial for the role.
✨Demonstrate Your Communication Skills
Practice articulating your thoughts clearly and concisely. You may be asked to explain complex security concepts, so being able to produce well-structured reports and documentation will be a plus.
✨Express Your Passion for Information Security
Convey your genuine interest in pursuing a career in information security. Share any relevant experiences or projects that sparked your enthusiasm and how you plan to grow within the CISO function.
