Remote Information Security Analyst (Cyber Essentials+/ISO27001) Contract in Woking

Remote Information Security Analyst (Cyber Essentials+/ISO27001) Contract in Woking

Woking Freelance 48000 - 52000 £ / year (est.) Home office (partial)
Grabjobs

At a Glance

  • Tasks: Identify and manage information security risks while ensuring compliance with Cyber Essentials+ and ISO27001.
  • Company: Join Gigged AI, a leading open talent marketplace in the tech sector.
  • Benefits: Competitive day rate, flexible working options, and potential for contract extension.
  • Other info: Opportunity for career growth and collaboration with diverse teams.
  • Why this job: Make a real impact on information security in a dynamic enterprise environment.
  • Qualifications: Experience in Information Security, Cyber Essentials+, and ISO27001 required.

The predicted salary is between 48000 - 52000 £ per year.

Gigged AI is an open talent marketplace specialising in the IT and technology sector. We have an opportunity for an InfoSec Analyst with experience of Cyber Essentials and ISO27001. This role is preferably hybrid, with 2 days per week in Glasgow City Centre Office. However, flexibility will be considered for any applicants outwith Glasgow.

Location: UK-based

Duration: Initial 3-month contract (expected extension up to 12 months with rolling break clauses)

Start Date: ASAP

Day Rate: £400

IR35 Status: Inside IR35

All applicant proposals will be reviewed directly on the Gigged AI platform by the hiring manager. In order to send a proposal please follow the below steps:

  • Head to www.gigged.ai and create a free talent profile
  • Once signed in, follow this link to the project - Project Link
  • You will now see a 'submit proposal' button
  • Please fill this in (intro, relevant experience, and attach CV to this)

Overview: We are searching for an experienced Information Security Analyst to join our security function on a long-term contract basis. This role will focus heavily on Cyber Essentials+, ISO27001, information security governance, risk management, and internal security assessments across a large enterprise environment.

Key Responsibilities:

  • Identify, analyse, and support the management of information security and IT risks across the business
  • Work closely with stakeholders, vendors, and internal teams to assess security controls and risk exposure
  • Support compliance activities aligned to Cyber Essentials+ and ISO27001 standards
  • Create and maintain information security policies, standards, procedures, and wider GRC documentation
  • Conduct internal security assessments and reviews, clearly documenting findings and recommendations
  • Maintain key security knowledge resources including process documentation, RACIs, training materials, and contract information
  • Collaborate with risk owners to identify, manage, and mitigate vulnerabilities and threats effectively

Key Experience Required:

  • Strong experience within Information Security / GRC environments
  • Proven experience working with Cyber Essentials+ and ISO27001
  • Experience conducting security risk and controls assessments
  • Strong documentation and stakeholder management skills
  • Experience producing and maintaining security policies, standards, and procedures
  • Ability to communicate security findings clearly to both technical and non-technical stakeholders

Nice to Have:

  • Broader vulnerability management exposure
  • Experience working within enterprise-scale or regulated environments
Grabjobs

Contact Details:

Grabjobs Recruitment Team

StudySmarter Expert Advice🤫

We think this is how you could land Remote Information Security Analyst (Cyber Essentials+/ISO27001) Contract in Woking

Get Active on Cybersecurity Forums

Join platforms like Stack Exchange and Reddit’s r/cybersecurity to hang out with industry pros, learn the latest, and share your insights. This will not only boost your visibility but also help you connect with potential clients who might need your freelance services.

Show Off Your Skills with Public Projects

Create a few open-source projects or contribute to existing ones that showcase your cybersecurity skills. Use GitHub to display your work, as this is an excellent way to attract clients looking for freelancers with a proven track record.

Attend Local Conferences and Meetups

Make sure to hit up cybersecurity meetups, workshops, and conferences in your area. These events are goldmines for networking, and you’ll often find people looking for freelancers after a chat over a coffee – so come prepared with your business cards and a killer elevator pitch!

Market Yourself Smartly

Set up a professional website that showcases your portfolio, expertise, and client testimonials. Optimise it for SEO with relevant keywords so potential clients searching for cybersecurity freelancers can easily find you. Don’t forget to link to your site on all your social media and profiles!

We think you need these skills to ace Remote Information Security Analyst (Cyber Essentials+/ISO27001) Contract in Woking

Information Security
Cyber Essentials+
ISO27001
Risk Management
Internal Security Assessments
Security Governance
Stakeholder Management

Some tips for your application 🫡

Show Your Skills Through a Strong Portfolio:Since you're applying for a freelance role in cybersecurity, it's crucial to showcase your technical skills through a detailed portfolio. Include case studies of projects you've worked on, any security tools you've developed or assessed, and specifics on the methodologies you’ve used. This will help Grabjobs understand what you're capable of.

Certifications Matter!:Make sure to list any relevant certifications you hold, such as CISSP, CEH, or CompTIA Security+. Freelance clients often value these credentials as they reflect your expertise and commitment to the field. If you’re actively pursuing more certifications, don’t hesitate to mention that too!

Rates, Availability, and Your Work Style:In your application, it’s essential to be clear about your freelance rates and availability. Clients appreciate transparency. Mention how many hours a week you can dedicate and your preferred working hours, as this sets expectations from the start and shows you're organised and professional.

Tailor Your CV to Highlight Cybersecurity Experience:When crafting your CV, make sure to tailor it specifically to cybersecurity. Highlight projects, tasks, and achievements related to security assessments, vulnerabilities you've mitigated, or compliance work you've undertaken. Keywords relevant to the job can grab attention and increase your chances of landing a spot at Grabjobs.

How to prepare for a job interview at Grabjobs

Showcase Your Cybersecurity Skills

As a freelancer in cybersecurity, it’s crucial we demonstrate not just our knowledge but our practical skills too. Be ready to discuss specific tools you’ve used, like Wireshark or Metasploit, and share relevant experiences where you identified vulnerabilities or mitigated risks in past projects.

Prepare Your Portfolio

Unlike traditional roles, freelancing relies heavily on your portfolio. Let’s curate a selection of past work that showcases our best projects. If we’ve handled penetration tests, audits, or incident responses, be sure to highlight these in your portfolio, and share any client testimonials if we have them.

Stay Updated on Trends and Tools

Cybersecurity is an ever-evolving field, so we should be prepared to chat about recent developments and how they impact our work. Familiarise ourselves with the latest threats, tools, and frameworks, like MITRE ATT&CK, that are pertinent to the projects we’re pitching.

Pitching Your Value as a Freelancer

When freelancing, we often need to negotiate our rates and value propositions. Be ready to explain how our skills can help Grabjobs protect their assets and manage risks. It can help to outline some potential strategies or improvements we could implement for them based on their current setup.