At a Glance
- Tasks: Support InfoSec governance, conduct risk assessments, and drive security awareness training.
- Company: Join a global trading platform focused on modernising information security in finance.
- Benefits: Enjoy a hybrid work model, competitive salary, bonuses, and career development support.
- Other info: Work closely with top stakeholders in a collaborative and ethical environment.
- Why this job: Be part of a high-impact team shaping security for a major market expansion.
- Qualifications: 3+ years in InfoSec, relevant certifications, and strong communication skills required.
The predicted salary is between £48,000 and £84,000 per year.
Information Security Analyst | ISO27001, Rapid7, Protecht | Global Trading Platform
- £60–70k base + 10% bonus
- Hybrid in Coventry with monthly travel to London
- Security certification support & career development built-in
Help shape a high-stakes security program as a hands-on GRC Analyst supporting a global financial institution’s banking expansion. You’ll be central to their mission of scaling a modern InfoSec environment, balancing regulatory rigor, ethical standards and BAU resilience.
You’ll focus on third-party security assessments, metrics reporting, and supporting certification frameworks including ISO27001 and SOC2. Expect close collaboration across risk, technology and compliance stakeholders, all while operating at pace, with visibility and trust from the top down.
What you’ll bring:
- 3+ years in an InfoSec or IT security role within a regulated or financial firm
- Security certifications: SSCP, Security+, or equivalent
- Strong GRC foundation: Able to interpret risk frameworks and speak the language of ISO, SOC2, NIST, etc.
- Comfortable with security tooling and metrics-driven reporting
- Confident communicator: Translate acronyms into action, and engage stakeholders with clarity and purpose
- Ethical mindset: understand when to escalate, when to challenge, and how to own your area
What you’ll be doing:
- ISO27001 & SOC2 governance: day-to-day support of the ISMS, remediation tracking, risk reviews
- Third-party risk assessments: conduct supplier security reviews aligned to appetite and regulatory frameworks
- Security awareness training: drive phishing simulations and curate internal content via Proofpoint
- BAU InfoSec operations: ticket triage, KPI reporting, risk dashboards, vulnerability and patch monitoring
- Compliance tooling: operate and report using platforms like Protecht, Panorays, Rapid7, and Armis
- Banking enablement: key InfoSec input into a major new market launch
Tech & tools you’ll use:
- Protecht – Enterprise risk & audit platform
- Panorays – Third-party risk management
- Rapid7, Armis – Vulnerability & asset visibility
- Proofpoint – Phishing simulations and awareness content
- Microsoft Purview – Data governance and policy enforcement
- Azure (beneficial) – Cloud IAM, logging, and security monitoring
Why this role?
- High-impact GRC project work tied to new market expansion
- Strong internal security culture: backed by a collaborative team and engaged InfoSec leadership
- A clear opportunity to stretch across awareness, compliance, and operational domains
Information Security Analyst in Stockport employer: Prism Digital
As an Information Security Analyst at our global trading platform, you'll thrive in a dynamic hybrid work environment in Coventry, with the added benefit of monthly travel to London. We prioritise employee growth through security certification support and career development opportunities, fostering a strong internal security culture where collaboration and innovation are at the forefront. Join us to play a pivotal role in shaping a high-stakes security programme while enjoying a competitive salary and bonus structure.
StudySmarter Expert Advice🤫
We think this is how you could land Information Security Analyst in Stockport
✨Tip Number 1
Familiarise yourself with ISO27001 and SOC2 frameworks, as these are crucial for the role. Understanding their requirements will help you speak confidently about how you can contribute to the company's compliance efforts.
✨Tip Number 2
Gain hands-on experience with security tools like Rapid7 and Protecht. Being able to demonstrate your proficiency with these platforms during discussions will set you apart from other candidates.
✨Tip Number 3
Network with professionals in the InfoSec community, especially those working in financial institutions. Engaging with them can provide insights into the industry's expectations and may even lead to referrals.
✨Tip Number 4
Prepare to discuss real-world scenarios where you've successfully managed risk or conducted third-party assessments. Concrete examples will showcase your experience and problem-solving skills effectively.
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights your experience in InfoSec or IT security roles, especially within regulated or financial firms. Emphasise relevant security certifications like SSCP or Security+, and showcase your understanding of risk frameworks such as ISO27001 and SOC2.
Craft a Compelling Cover Letter: In your cover letter, express your enthusiasm for the role and the company. Discuss how your skills align with their needs, particularly in third-party risk assessments and compliance tooling. Use specific examples to demonstrate your ability to communicate effectively with stakeholders.
Highlight Relevant Experience: When detailing your work experience, focus on your hands-on involvement in GRC projects, security awareness training, and any metrics-driven reporting you've conducted. This will show that you can operate at pace and contribute to their high-stakes security programme.
Showcase Your Ethical Mindset: In your application, mention situations where you've had to make ethical decisions or escalate issues. This is crucial for the role, as they value an ethical mindset and the ability to challenge when necessary.
How to prepare for a job interview at Prism Digital
✨Understand the Regulatory Frameworks
Familiarise yourself with ISO27001, SOC2, and other relevant frameworks. Be prepared to discuss how you have applied these standards in your previous roles, as this will demonstrate your strong GRC foundation.
✨Showcase Your Technical Skills
Be ready to talk about your experience with security tools like Rapid7 and Protecht. Highlight specific instances where you've used these tools for vulnerability assessments or compliance reporting to show your hands-on expertise.
✨Communicate Clearly and Confidently
Practice translating complex security concepts into simple terms. This is crucial for engaging stakeholders effectively. Prepare examples of how you've successfully communicated technical information to non-technical audiences.
✨Demonstrate an Ethical Mindset
Prepare to discuss scenarios where you had to make ethical decisions in your previous roles. Show that you understand when to escalate issues and how to challenge processes while owning your responsibilities.