Information Security Compliance Analyst

Basingstoke Full-Time 36000 - 60000 £ / year (est.) No home office possible

At a Glance

  • Tasks: Join us as an Information Security Compliance Analyst, ensuring our security measures are top-notch.
  • Company: Be part of a dynamic legal team focused on safeguarding information security in a growing organisation.
  • Benefits: Enjoy 25 days holiday, private medical insurance, and a competitive pension scheme.
  • Why this job: Make a real impact on our security culture while collaborating with diverse teams and stakeholders.
  • Qualifications: Experience in audit functions and knowledge of security frameworks like ISO27001 and NIST is essential.
  • Other info: This role offers opportunities for ongoing training and the chance to volunteer for charity work.

The predicted salary is between 36000 - 60000 £ per year.

In this newly created position, you will be responsible for planning, preparing and undertaking a wide range of Information Security activities. You will work closely with internal and external audit teams and other stakeholders to ensure the effectiveness and compliance of the organization's information security measures. You will also work closely with the procurement team, business units, and third-party vendors to ensure that all third-party risks are identified, assessed, and managed effectively. Strong knowledge of Information Security governance frameworks is essential for this position.

You will be required to use your knowledge and experience to test, document, evaluate, remediate, and improve controls related to Information Security for effectiveness and operational efficiency. You will need to be able to audit all areas of the business where it is needed and take the lead when required. Within this role you will be responsible for supporting customer audits and responding to customer queries on Information Security and Information Systems and the associated functional processes and controls. You will also support third-party auditors to co-ordinate external audit activities to maintain and ensure compliance with industry standards. This will include managing the closure of any actions or findings raised. This new role offers an opportunity to be part of newly established functions to ensure we can evidence the measures put in place to protect our business and that of our customers.

You must be a highly effective communicator and a supportive team player, taking a consultative approach whilst maintaining the integrity and independence of the General Affairs department. You will combine an ability to navigate organisational politics and manage stakeholders, with a talent for operational delivery and a strong sense of accountability for results.

Main Responsibilities
  • Review existing documentation of IT controls, business processes, policies, procedures, and management reports for effectiveness and sustainability.
  • Review, document, evaluate, and test manual and automated controls throughout the IT environment.
  • Develop and implement audit testing methodologies.
  • Design audit programs to ensure ongoing evaluation and validation of IT control effectiveness.
  • Lead and conduct Information Security internal and external audits working to industry standards such as CIS, SOX and ISO27001.
  • Assessment and evaluation of suppliers’ capabilities against applicable requirements, including GGS policies, standards and procedures.
  • Lead and conduct Information Security risk assessments of suppliers and vendors.
  • Work across internal stakeholders to collaborate and ensure that controls adhere to defined policies, processes and procedures.
  • Work with procurement and business units to ensure that suppliers and vendors comply with cyber security policies and standards.
  • Lead the completion of customer RFP and RFI due-diligence responses, working across multiple functions, including Sales, Product Development, Information Security and Information Systems, to collate applicable information.
  • Interpret audit results and make conclusions on the adequacy and reliability of controls; prepare and present reports as necessary.
  • Prioritize audit findings based on severity of risk and non-compliance.

Skills, Knowledge & Expertise
  • Must have experience of working in an audit function.
  • Knowledge of Information Security frameworks such as NIST, CIS, SOX, Cyber Essentials, ISO27001, PCI-DSS and SOC.
  • Contribute to an effective Information Security culture in support of audit objectives.
  • Establish and maintain relationships across stakeholders, functional teams and external audit teams on relevant standards and frameworks.
  • A good understanding of Information Security controls.
  • Ability to appropriately identify and manage Information Security risks identified through audit completion in line with the business's risk appetite.
  • Able to produce clear and comprehensive audit documentation.
  • Strong written and verbal communication skills.
  • Commitment to excellence and high standards; strong organizational skills; able to manage time, priorities and workload.
  • Ability to work autonomously and drive improvement.
  • Comfortable challenging seniority and existing processes.
  • Knowledge of OneTrust or ServiceNow is an advantage.

Job Benefits
  • 25 days' holiday a year with the opportunity to buy up to five additional days each year.
  • Competitive Company pension scheme.
  • Ongoing training and development.
  • Private medical insurance for all employees (enhanced membership can be purchased for other family members).
  • Life assurance.
  • Income protection scheme.
  • Dental insurance for all employees.
  • Employee assistance programme.
  • Loyalty awards.
  • Employee wellbeing events and Mental Health First Aiders.
  • Employee My Benefits portal offering extensive retail discounts.
  • Opportunity to volunteer for charity work.

Information Security Compliance Analyst employer: Glory Ltd.

As an Information Security Compliance Analyst at our Basingstoke location, you will join a forward-thinking team dedicated to maintaining the highest standards of information security. We pride ourselves on fostering a collaborative work culture that values continuous learning and professional growth, offering comprehensive benefits including private medical insurance, a competitive pension scheme, and opportunities for charity work. Our commitment to employee wellbeing and development makes us an exceptional employer for those seeking a meaningful and rewarding career in information security.

Contact Details:

Glory Ltd. Recruiting Team

StudySmarter Expert Advice 🤫

We think this is how you could land the Information Security Compliance Analyst role

✨Tip Number 1

Familiarise yourself with the key Information Security frameworks mentioned in the job description, such as NIST, CIS, and ISO27001. Being able to discuss these frameworks confidently during your interview will demonstrate your expertise and understanding of the role.

✨Tip Number 2

Network with professionals in the Information Security field, especially those who have experience in audit functions. Engaging with them can provide you with insights into the role and may even lead to referrals or recommendations.

✨Tip Number 3

Prepare to discuss specific examples of how you've managed Information Security risks in previous roles. Highlighting your practical experience will help you stand out as a candidate who can effectively contribute to our team.

✨Tip Number 4

Showcase your communication skills by preparing to explain complex Information Security concepts in simple terms. This will be crucial when interacting with stakeholders and ensuring everyone understands the importance of compliance.

We think you need these skills to ace the Information Security Compliance Analyst role

  • Knowledge of Information Security frameworks (NIST, CIS, SOX, Cyber Essentials, ISO27001, PCI-DSS, SOC)
  • Experience in audit functions
  • Ability to conduct internal and external audits
  • Strong understanding of Information Security controls
  • Risk assessment and management skills
  • Development and implementation of audit testing methodologies
  • Excellent written and verbal communication skills
  • Ability to produce clear and comprehensive audit documentation
  • Strong organisational skills and time management
  • Stakeholder management and relationship building
  • Ability to work autonomously and drive improvements
  • Familiarity with OneTrust or ServiceNow
  • Commitment to excellence and high standards

Some tips for your application 🫡

Tailor Your CV: Make sure your CV highlights relevant experience in Information Security and compliance. Emphasise your familiarity with frameworks like NIST, CIS, and ISO27001, as well as any audit experience you have.

Craft a Strong Cover Letter: In your cover letter, explain why you're passionate about Information Security and how your skills align with the responsibilities of the role. Mention specific experiences that demonstrate your ability to manage risks and conduct audits.

Showcase Communication Skills: Since strong communication is key for this role, provide examples in your application that illustrate your ability to communicate effectively with stakeholders and present audit findings clearly.

Highlight Team Collaboration: Discuss your experience working in teams, especially in cross-functional settings. This role requires collaboration with various departments, so showcasing your teamwork skills will be beneficial.

How to prepare for a job interview at Glory Ltd.

✨Know Your Frameworks

Familiarise yourself with key Information Security frameworks such as NIST, CIS, SOX, and ISO27001. Be prepared to discuss how these frameworks apply to the role and your previous experiences in implementing or auditing them.

✨Demonstrate Communication Skills

As a compliance analyst, effective communication is crucial. Practice articulating complex information security concepts clearly and concisely. Be ready to showcase examples of how you've successfully communicated with stakeholders in past roles.

✨Prepare for Scenario-Based Questions

Expect scenario-based questions that assess your problem-solving skills and ability to manage risks. Think of specific instances where you identified a risk, evaluated it, and implemented controls to mitigate it, and be ready to share those stories.

✨Showcase Your Audit Experience

Highlight your experience in conducting audits, both internal and external. Be prepared to discuss your approach to developing audit programs, interpreting results, and managing findings, as this will demonstrate your capability to fulfil the role's responsibilities.

    Application deadline: 2027-07-09