At a Glance
- Tasks: Manage information security risks and support compliance with Cyber Essentials+ and ISO27001.
- Company: Join Gigged AI, a leading talent marketplace in the tech sector.
- Benefits: Hybrid work model, competitive pay, and potential for contract extension.
- Other info: Flexible working options available for applicants outside Glasgow.
- Why this job: Make a real impact on information security in a dynamic enterprise environment.
- Qualifications: Experience in Information Security, ISO27001, and strong documentation skills.
The predicted salary is between 40000 - 50000 £ per year.
Gigged AI is an on-demand talent marketplace specialising in the IT and technology sector. We have an opportunity for an InfoSec Analyst with experience of Cyber Essentials and ISO27001. This role is preferably hybrid, with 2 days per week in Glasgow City Centre Office. However, flexibility will be considered for any applicants outwith Glasgow.
Location: UK-based
Duration: Initial 3-month contract (expected extension up to 12 months with rolling break clauses)
Start Date: ASAP
IR35 Status: Inside IR35
Overview
We are searching for an experienced Information Security Analyst to join our security function on a long-term contract basis. This role will focus heavily on Cyber Essentials+, ISO27001, information security governance, risk management, and internal security assessments across a large enterprise environment.
Key Responsibilities
- Identify, analyse, and support the management of information security and IT risks across the business
- Work closely with stakeholders, vendors, and internal teams to assess security controls and risk exposure
- Support compliance activities aligned to Cyber Essentials+ and ISO27001 standards
- Create and maintain information security policies, standards, procedures, and wider GRC documentation
- Conduct internal security assessments and reviews, clearly documenting findings and recommendations
- Maintain key security knowledge resources including process documentation, RACIs, training materials, and contract information
- Collaborate with risk owners to identify, manage, and mitigate vulnerabilities and threats effectively
Key Experience Required
- Strong experience within Information Security / GRC environments
- Proven experience working with: ISO27001
- Experience conducting security risk and controls assessments
- Strong documentation and stakeholder management skills
- Experience producing and maintaining security policies, standards, and procedures
- Ability to communicate security findings clearly to both technical and non-technical stakeholders
Nice to Have
- Broader vulnerability management exposure
- Experience working within enterprise-scale or regulated environments
InfoSec Analyst with experience of Cyber Essentials and ISO27001. - Inside IR35 - Glasgow employer: Gigged.AI
At Gigged AI, we pride ourselves on being an exceptional employer, offering a dynamic work culture that fosters innovation and collaboration. Our Glasgow City Centre office provides a vibrant environment for our InfoSec Analysts, with opportunities for professional growth through exposure to cutting-edge security practices and compliance standards like Cyber Essentials and ISO27001. We value flexibility and support our employees' work-life balance, making us an attractive choice for those seeking meaningful and rewarding careers in the IT sector.
StudySmarter Expert Advice🤫
We think this is how you could land InfoSec Analyst with experience of Cyber Essentials and ISO27001. - Inside IR35 - Glasgow
✨Tip Number 1
Network like a pro! Reach out to your connections in the InfoSec field, especially those who have experience with Cyber Essentials and ISO27001. A friendly chat can lead to insider info about job openings or even referrals.
✨Tip Number 2
Prepare for interviews by brushing up on your knowledge of information security governance and risk management. We recommend practising common interview questions related to your experience with security assessments and compliance activities.
✨Tip Number 3
Showcase your skills! Create a portfolio that highlights your previous work with security policies and procedures. This will give potential employers a clear view of what you can bring to the table.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets noticed. Plus, we love seeing candidates who are proactive about their job search.
We think you need these skills to ace InfoSec Analyst with experience of Cyber Essentials and ISO27001. - Inside IR35 - Glasgow
Some tips for your application 🫡
Tailor Your CV:Make sure your CV highlights your experience with Cyber Essentials and ISO27001. We want to see how your skills match the job description, so don’t be shy about showcasing relevant projects or roles you've had.
Craft a Compelling Cover Letter:Your cover letter is your chance to shine! Use it to explain why you’re passionate about information security and how your background makes you a perfect fit for this role. Keep it concise but impactful!
Showcase Your Communication Skills:Since you'll be working with both technical and non-technical stakeholders, it's crucial to demonstrate your ability to communicate complex security concepts clearly. We love seeing examples of how you've done this in the past!
Apply Through Our Website:We encourage you to apply directly through our website. It’s the best way for us to receive your application and ensures you’re considered for the role. Plus, it’s super easy!
How to prepare for a job interview at Gigged.AI
✨Know Your Standards
Make sure you brush up on Cyber Essentials and ISO27001 before the interview. Be ready to discuss how you've applied these standards in your previous roles, as this will show your expertise and understanding of the requirements.
✨Showcase Your Risk Management Skills
Prepare examples of how you've identified and managed information security risks in past positions. Use specific scenarios to illustrate your problem-solving skills and how you collaborated with stakeholders to mitigate vulnerabilities.
✨Document Your Achievements
Bring along documentation that highlights your experience with security policies, standards, and procedures. This could include examples of internal assessments you've conducted or compliance activities you've supported, which will demonstrate your hands-on experience.
✨Communicate Clearly
Practice explaining complex security concepts in simple terms. You'll likely need to communicate findings to both technical and non-technical stakeholders, so being able to articulate your thoughts clearly is crucial for success in this role.
