Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Join our GRC Team as an Information Security Analyst, ensuring security compliance and managing risks.
- Company: MPS is a leading not-for-profit organisation protecting healthcare professionals worldwide.
- Benefits: Enjoy a competitive salary, annual bonus, generous pension, private medical cover, and shopping discounts.
- Why this job: Make a real impact in healthcare by enhancing security and supporting professionals globally.
- Qualifications: Experience in information security, risk analysis, and project management is essential.
- Other info: We celebrate diversity and encourage all backgrounds to apply, fostering an inclusive work environment.
The predicted salary is between 28800 - 48000 £ per year.
Role Title: Information Security Analyst – GRC
Location: Leeds (Hybrid – 2 days per week on site)
Contract: Permanent
Working Pattern: Full Time (37.5 hours p/w)
Salary: £50,000 – £60,000
We have an exciting opportunity for an experienced Information Security Analyst to join our established GRC Information Security team in Leeds
As a trusted expert in Information Security and Risk Management, you\’ll play a key role in shaping how new systems and processes are developed, ensuring they meet essential security and compliance requirements including ISO 27001, PCI-DSS and industry best practise.
You\’ll also lead security risk assessments and manage the remediation of vulnerabilities, risks, and audit findings across MPS\’s networks, systems and software applications, driving a secure-by-design methodology throughout the organisation. By helping to deliver consistent, high-quality security assurance and controls, you\’ll support the reduction or remediation of information security risks across the organisation
As our new Information Security Analyst, you will also
Monitor for and provide robust challenge of emerging risks and issues arising from business activities which fail to deliver appropriate and consistent outcomes for our members
Work with Security Operations to identify further security awareness requirements following incidents and current threats
Drive and coordinate remediation of risks and audit findings identified that enhance weakness in MPS security controls.
Work on and drive security-related projects, to ensure security requirements have been met and call out any risks identified against MPS risk appetite
Liaise with relevant teams in specialist areas to manage security and ensure contractual and regulatory requirements are
We are looking for:
Significant experience of information security from a technical and compliance perspective
Working knowledge of security domains, auditing standards and frameworks and risk analysis frameworks including ISO 27001 and Cyber Essentials etc.
Experience of managing technical projects from design to implementation
Excellent attention to detail, analytical skills and an ability to analyse complex technical information in order to identify patterns, trends and risks
Strong stakeholder management experience
Ability to communicate with a range of technical and non-technical team members and other relevant individuals at all levels of the business
We welcome applicants from all backgrounds, and we encourage you to apply even if you feel you do not match 100% of the technical requirements. We celebrate diversity, promote inclusivity and strive to create a work environment which ensures everyone can be heard.
In return, we can offer you:
Discretionary on-target bonus of 10%. Up to a max 20% based on performance11% pension contribution (3% from you, 8% from us – optional additional matched 3% contributions, e.g. 6% from you, 11% from us)
25 days annual leave. Flexible public holidays and option to buy/sell additional leave
Private Medical Cover
Car Salary Sacrifice scheme
6x salary death in service
Holistic health and wellbeing support package
A truly flexible hybrid-working arrangement
A culture that promotes inclusivity, wellbeing and rewards hard work
Who We Are
Medical Protection Society (MPS) is the world\’s leading protection organisation for Doctors, Dentists and healthcare professionals. We protect and support the professional interests of almost 350,000 Members around the world.
We are a not-for-profit organisation, meaning our Members\’ premiums are kept safe should our Members require support for complaints or claims arising from professional practice, or invested into bettering the organisation, our colleagues and our products.
Our philosophy is to support safe practice in medicine and dentistry by helping to avert problems in the first place. We also actively campaign for regulatory and legal reforms that benefit Members and the wider healthcare professions.
To do this, we need colleagues who are tr usted and supported to deliver their best work, whether that be through leadership development, fully-funded training courses or peer-to-peer support. We want our colleagues to feel empowered enough to deliver positive change, display ambition to push themselves and are determined when faced with a challenge, whilst ensuring our Member\’s best interests are at the core.
Next Steps
If you are interested in finding out more, looking for a new role and want to join an organisation that truly values its employees, take a look at the role profile to find out more about the role to apply.
Our Talent Acquisition team are always on hand should you have any questions, are having any technical issues or wish to understand how MPS can support you with your application and interview. You can contact our Talent Acquisition team by emailing
Information Security Analyst employer: Medical Protection Society
Contact Detail:
Medical Protection Society Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Information Security Analyst
✨Tip Number 1
Familiarise yourself with ISO 27001 and PCI-DSS standards, as these are crucial for the role. Understanding these frameworks will not only help you in interviews but also demonstrate your commitment to compliance and security best practices.
✨Tip Number 2
Network with professionals in the information security field, especially those who have experience in GRC (Governance, Risk Management, and Compliance). Engaging with industry experts can provide insights into the role and may even lead to referrals.
✨Tip Number 3
Prepare to discuss specific security projects you've managed, focusing on your role in risk assessments and remediation efforts. Highlighting your hands-on experience will show that you can drive security-related projects effectively.
✨Tip Number 4
Stay updated on current security threats and trends. Being knowledgeable about recent incidents and how they were handled can set you apart during discussions and demonstrate your proactive approach to security.
We think you need these skills to ace Information Security Analyst
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights relevant experience in information security, risk management, and compliance. Use keywords from the job description, such as ISO 27001 and PCI-DSS, to demonstrate your fit for the role.
Craft a Compelling Cover Letter: Write a cover letter that showcases your passion for information security and your understanding of the role. Mention specific projects or experiences that align with the responsibilities outlined in the job description.
Highlight Technical Skills: Clearly outline your technical skills related to information security, including any experience with security frameworks and risk analysis. Provide examples of how you've applied these skills in previous roles.
Showcase Communication Abilities: Since the role requires communication with both technical and non-technical team members, include examples of how you've successfully communicated complex information in past positions. This will demonstrate your ability to bridge the gap between different stakeholders.
How to prepare for a job interview at Medical Protection Society
✨Understand the Security Frameworks
Familiarise yourself with ISO 27001, PCI-DSS, and other relevant security frameworks. Be prepared to discuss how these standards apply to the role and how you have implemented them in past experiences.
✨Showcase Your Risk Management Skills
Be ready to provide examples of how you've conducted security risk assessments and managed vulnerabilities. Highlight specific projects where you drove remediation efforts and improved security controls.
✨Communicate Effectively
Demonstrate your ability to communicate complex technical information to both technical and non-technical stakeholders. Prepare to explain how you would liaise with different teams to ensure compliance and security requirements are met.
✨Prepare for Scenario-Based Questions
Expect scenario-based questions that assess your problem-solving skills in real-world situations. Think about past incidents you've handled and how you approached them, focusing on your analytical skills and attention to detail.
