Gigged AI is an open talent marketplace specialising in the IT and technology sector. We
have an opportunity live at the moment for a InfoSec Analyst with experience of Cyber Essentials and ISO27001.
This role is preferably hybrid, with 2 days per week in Glasgow City Centre Office. However flexibility will be considered for any applicants outwith Glasgow.
Location: UK-based
Duration: Initial 3-month contract (expected extension up to 12 months with rolling break clauses)
Start Date: ASAP
Day Rate: Β£400
IR35 Status: Inside IR35
All applicant proposals will be reviewed directly on the Gigged AI platform by the hiring manager.
In order to send a proposal please follow the below steps:
- head to and create a free talent profile
- once signed in, follow this link to the project -
- you will now see a 'submit proposal' button
- please fill this in (intro, relevant experience, and attach CV to this)
Overview
We are searching for an experienced Information Security Analyst to join our security function on a long-term contract basis.
This role will focus heavily on Cyber Essentials+, ISO27001, information security governance, risk management, and internal security assessments across a large enterprise environment.
Key Responsibilities
- Identify, analyse, and support the management of information security and IT risks across the business
- Work closely with stakeholders, vendors, and internal teams to assess security controls and risk exposure
- Support compliance activities aligned to Cyber Essentials+ and ISO27001 standards
- Create and maintain information security policies, standards, procedures, and wider GRC documentation
- Conduct internal security assessments and reviews, clearly documenting findings and recommendations
- Maintain key security knowledge resources including process documentation, RACIs, training materials, and contract information
- Collaborate with risk owners to identify, manage, and mitigate vulnerabilities and threats effectively
Key Experience Required
- Strong experience within Information Security / GRC environments
- Proven experience working with:
- Cyber Essentials+
- ISO27001
- Experience conducting security risk and controls assessments
- Strong documentation and stakeholder management skills
- Experience producing and maintaining security policies, standards, and procedures
- Ability to communicate security findings clearly to both technical and non-technical stakeholders
Nice to Have
- Broader vulnerability management exposure
- Experience working within enterprise-scale or regulated environments
