Information Security Analyst in London

LifeArc’s Information Security Analyst will play an essential part in maintaining the confidentiality, integrity, and availability of corporate data and help uphold our commitments to data protection and regulatory compliance.

As LifeArc’s Information Security Analyst you will champion information security across LifeArc and will be responsible for evaluating, testing, monitoring and maintaining LifeArc’s information security policies, procedures and systems. You will be our front-line defender to ensure security controls and processes are aligned with industry standards such as ISO 27001 and overall cyber security. You will implement and oversee identity management systems, continuously monitor networks and systems for threats, respond to security incidents and oversee the third-party risk management (TPRM) due diligence process.

Working closely with the Information Security Lead, the Information Security Technician and the wider technology team this role will identify security risks and exposures, determine the causes of any security violations, and suggest improvements to prevent future incidents.

• Implement, maintain, and monitor core security controls including but not limited to managing user access, hardening systems, and ensuring all protective tools and patches are up to date and functioning effectively across LifeArc.
• Continuous monitoring and incident detection through monitoring networks, servers, and endpoints for signs of security incidents or anomalies. Investigate alerts to determine validity and severity.
• Lead LifeArc’s third-party risk assessments through the supplier management process, working with the Information Security Lead (ISL) and Information Security Technician (IST) to identify, assess, and mitigate information security risks across the supplier lifecycle.
• Create, implement and oversee identity management systems in line with security and compliance needs, and manage privileged access using the principle of least privilege.
• Champion compliance with frameworks such as ISO 27001 and help prepare evidence or documentation for any security audits or assessments.
• Perform vulnerability scanning on systems and networks and identify security risks and exposures in the technology environment.

• Strong hands-on knowledge of IT systems and security technologies.
• Experience with configuration of tools such as firewalls and encryption solutions.
• Good working knowledge of industry security standards and frameworks such as ISO 27001, NIST Cybersecurity Framework, SOC 2, or CIS Controls.
• Ability to analyse and interpret security risks – including understanding common threat vectors and vulnerabilities.
• Experience with incident response processes and, ideally, basic digital forensics.
• Ability to analyse and interpret security risks across common threat vectors (phishing, malware, insider threats etc.) and vulnerabilities (software flaws, misconfigurations, human errors).

• Bachelor’s degree in Computer Science, Information Security, Information Technology or a related field is highly desirable.
• CompTIA Security+ or other industry-recognised certifications such as GIAC (Global Information Assurance Certifications).
• Specialised training in areas such as incident response, digital forensics, TPRM, cloud security, or ethical hacking can be advantageous.

• Strong attention to detail when dealing with sensitive data and security records.
• Strong analytical and problem-solving skills.
• Stakeholder management and cross-functional communication excellence to be able to communicate and collaborate within and external stakeholders, including non-security specialists.
• Ability to work with high integrity and confidentiality given the sensitive nature of the work; ensuring an ethical conduct is always practised.

LifeArc is a not-for-profit life science organisation, leading the way for change in rare diseases in the UK and supporting promising initiatives in global health. We seek out research in areas of unmet need that have great potential, providing support to help it become breakthroughs that change lives.

Focused on finding life-changing solutions for underserved patients, our people thrive in an inclusive, supportive environment that prioritises their health and wellbeing. Our multidisciplinary approach guarantees our people growth opportunities, while our culture of innovation and collaboration drives the impact we make delivering on our purpose of ‘putting patients at the centre of everything we do’.

LifeArc is committed to making our recruitment practices as inclusive as possible and developing a culture that values differences. As a Disability Confident Employer, we guarantee an interview to candidates with a disability or long-term health condition who meet the essential criteria for the role.

Salary will be determined by qualifications and experience along with other exceptional benefits. Because we understand everyone has different requirements, our flexible benefits allow you to choose those which are important to you. Our pension scheme offers employer contributions of up to 12%, private health insurance, and annual leave of 31 days plus.