At a Glance
- Tasks: Support a global financial institution's security program with hands-on GRC analysis.
- Company: Join a leading global trading platform focused on modern InfoSec environments.
- Benefits: Enjoy a hybrid work model, competitive salary, bonuses, and career development support.
- Why this job: Be part of impactful projects in a collaborative culture with strong leadership.
- Qualifications: 3+ years in InfoSec, relevant security certifications, and a solid GRC foundation required.
- Other info: Monthly travel to London and opportunities for professional growth.
The predicted salary is between £48,000 and £84,000 per year.
Information Security Analyst | ISO27001, Rapid7, Protecht | Global Trading Platform
- £60–70k base + 10% bonus
- Hybrid in Coventry with monthly travel to London
- Security certification support & career development built-in
Help shape a high-stakes security program as a hands-on GRC Analyst supporting a global financial institution’s banking expansion. You’ll be central to their mission of scaling a modern InfoSec environment, balancing regulatory rigor, ethical standards and BAU resilience.
You’ll focus on third-party security assessments, metrics reporting, and supporting certification frameworks including ISO27001 and SOC2. Expect close collaboration across risk, technology and compliance stakeholders, all while operating at pace, with visibility and trust from the top down.
What you’ll bring:
- 3+ years in an InfoSec or IT security role within a regulated or financial firm
- Security certifications: SSCP, Security+, or equivalent
- Strong GRC foundation: Able to interpret risk frameworks and speak the language of ISO, SOC2, NIST, etc.
- Comfortable with security tooling and metrics-driven reporting
- Confident communicator: Translate acronyms into action, and engage stakeholders with clarity and purpose
- Ethical mindset: understand when to escalate, when to challenge, and how to own your area
What you’ll be doing:
- ISO27001 & SOC2 governance: day-to-day support of the ISMS, remediation tracking, risk reviews
- Third-party risk assessments: conduct supplier security reviews aligned to appetite and regulatory frameworks
- Security awareness training: drive phishing simulations and curate internal content via Proofpoint
- BAU InfoSec operations: ticket triage, KPI reporting, risk dashboards, vulnerability and patch monitoring
- Compliance tooling: operate and report using platforms like Protecht, Panorays, Rapid7, and Armis
- Banking enablement: key InfoSec input into a major new market launch
Tech & tools you’ll use:
- Protecht – Enterprise risk & audit platform
- Panorays – Third-party risk management
- Rapid7, Armis – Vulnerability & asset visibility
- Proofpoint – Phishing simulations and awareness content
- Microsoft Purview – Data governance and policy enforcement
- Azure (beneficial) – Cloud IAM, logging, and security monitoring
Why this role?
- High-impact GRC project work tied to new market expansion
- Strong internal security culture: backed by a collaborative team and engaged InfoSec leadership
- A clear opportunity to stretch across awareness, compliance, and operational domains
Information Security Analyst employer: Prism Digital
Contact Details:
Prism Digital Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land the Information Security Analyst role
✨Tip Number 1
Familiarise yourself with ISO27001 and SOC2 frameworks, as these are crucial for the role. Understanding the nuances of these standards will not only help you in interviews but also demonstrate your commitment to the field.
✨Tip Number 2
Engage with online communities or forums related to information security, especially those focusing on GRC (Governance, Risk, Compliance). Networking with professionals in the field can provide insights and potentially lead to referrals.
✨Tip Number 3
Showcase your experience with security tools like Rapid7 and Protecht during discussions. Being able to speak confidently about your hands-on experience with these platforms will set you apart from other candidates.
✨Tip Number 4
Prepare to discuss real-world scenarios where you've had to communicate complex security concepts to non-technical stakeholders. This will highlight your ability to translate technical jargon into actionable insights, a key skill for this role.
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights relevant experience in InfoSec or IT security roles, especially within regulated or financial firms. Emphasise your familiarity with ISO27001, SOC2, and any security certifications you hold.
Craft a Compelling Cover Letter: In your cover letter, express your enthusiasm for the role and the company. Discuss how your skills align with their needs, particularly in GRC frameworks and third-party risk assessments. Use specific examples to demonstrate your expertise.
Showcase Communication Skills: Since the role requires confident communication, ensure your application reflects your ability to translate complex security concepts into clear language. Highlight experiences where you've successfully engaged stakeholders or led training sessions.
Highlight Ethical Mindset: Given the importance of an ethical mindset in this role, include examples in your application that showcase your ability to identify when to escalate issues or challenge processes. This will demonstrate your understanding of the responsibilities involved.
How to prepare for a job interview at Prism Digital
✨Understand the Regulatory Frameworks
Familiarise yourself with ISO27001, SOC2, and other relevant frameworks. Be prepared to discuss how you have applied these standards in your previous roles, as this will demonstrate your strong GRC foundation.
✨Showcase Your Technical Skills
Be ready to talk about your experience with security tools like Rapid7 and Protecht. Highlight specific instances where you've used these tools for vulnerability management or risk assessments, as practical examples will impress the interviewers.
✨Communicate Clearly and Confidently
Practice translating complex security concepts into simple terms. The ability to engage stakeholders with clarity is crucial, so consider preparing a few examples of how you've successfully communicated technical information in the past.
✨Demonstrate an Ethical Mindset
Prepare to discuss scenarios where you had to make ethical decisions in your previous roles. Show that you understand when to escalate issues and how to take ownership of your responsibilities, as this aligns with the company's values.