Information Security Assurance Analyst

Full-Time 44400 - 55500 £ / year (est.) No home office possible

At a Glance

  • Tasks: Support security assurance by assessing and advising on security across projects and services.
  • Company: Join SGN, a leader in innovative energy solutions and safety.
  • Benefits: Enjoy a competitive salary, hybrid work, enhanced parental leave, and more.
  • Why this job: Make a real impact in cyber security while working with cutting-edge technologies.
  • Qualifications: Degree in a relevant field and certifications like CISM or CISSP preferred.
  • Other info: Diverse and inclusive workplace with opportunities for growth and development.

The predicted salary is between 44400 - 55500 £ per year.

Here at SGN we are looking for an Information Security Assurance Analyst providing support to the security assurance function in triaging, assessing, and providing security advisory services across all programmes, projects, and steady state services. You will be responsible for providing assurance to the SGN leadership team regarding the design and operating effectiveness of the security controls within both SGN's IT and OT environments. You will work collaboratively with risk management, business analysts, project managers, architects, and support teams to identify, evaluate, report, and mitigate risks. In addition, you will be responsible for reviewing and identifying security control gaps in design documents, providing remediation and mitigation recommendations.

Here's how you will contribute:

  • Perform a threat modelling exercise of all projects and provide mitigating cyber security requirements to help ensure the secure delivery of compliant systems, applications, and business processes.
  • Review both high/low level architecture definition documents for compliance against security policies, standards, and regulatory requirements, and attend Technical Design Authority (TDA) and Architecture Review Board (ARB) meetings to provide security signoffs.
  • Manage a team of security assurance analysts/consultants providing thought leadership across a number of assurance functions, and helping to navigate through senior management approvals thereby allowing for seamless and smooth engagements with project delivery teams.
  • Perform cyber security risk assessments, compliance checks, audits, and reviews to ensure that appropriate security controls are in place and highlight any deficiencies and gaps for management consideration.
  • Provide cyber security assurance activities by ensuring implemented solutions are a replica of agreed and approved architecture definition documents, helping to facilitate penetration testing as per local Cyber policies, whilst providing security advice, in collaboration with Corporate Cyber Security, and support to management, BAU, and projects to comply with both global and local requirements and obligations.
  • Maintain and communicate relevant local security procedures aligned with necessary Cyber Security rules, processes, procedures, and standards.
  • Where required, propose solutions and coordinate delivery of mitigating actions to ensure risk levels are aligned with risk appetite.
  • Perform compliance checks to ensure Cyber Security controls are operating as designed.

What you will need:

  • The individual should be educated to degree level in a relevant discipline.
  • Must hold one of the CISM, CISSP, CCSP, TOGAF, CRISC or AWS Solution Architect certifications (or equivalent), or be willing to undergo certification on the job.
  • Must have expertise in Cloud (IaaS, PaaS, SaaS), in particular AWS and Azure.
  • Must have proven expertise in three of the following security domain areas: Vulnerability Assessment and Management, Security Risk and Compliance, Cloud Security Architecture, Application Security, Security Operations Centre and Investigations, Incident Management, and Security Engineering.
  • Must have 2-3 years' cyber security experience.
  • Good understanding and practical experience of Cyber Security Frameworks and standards such as NCSC security principles, NIST Framework, ISO 27001, ISO 27005, IEC 62443 etc.
  • Good understanding of Cyber Assurance Framework and experience of working with Regulators and providing compliance updates for the OT environment.

Not sure you meet every requirement? Research shows some people - particularly women and those from underrepresented backgrounds - may hesitate to apply unless they meet every criterion. At SGN, we value diverse backgrounds, experiences, and perspectives. If this role interests you but you're not sure you tick every box, we'd still love to hear from you. You might be just who we're looking for – now or in the future.

Why SGN? SGN is a leader in pioneering research and development toward a net-zero energy system. Our cutting-edge technologies and innovative thinking are driving change in the gas industry, all while keeping people safe and warm.

If you require any accommodations or support during the application process, reach out to us. We're here to help ensure an inclusive and accessible experience for everyone.

Information Security Assurance Analyst employer: SGN

At SGN, we pride ourselves on being an exceptional employer, offering a dynamic work culture that fosters collaboration and innovation in the field of information security. Our commitment to employee growth is evident through comprehensive training opportunities and support for professional certifications, all while providing a competitive benefits package including enhanced maternity/paternity pay and a cycle-to-work scheme. Located in Portsmouth/Horley, our team is at the forefront of pioneering research towards a net-zero energy system, making your contributions impactful and meaningful.

Contact Detail:

SGN Recruiting Team

StudySmarter Expert Advice 🤫

We think this is how you could land Information Security Assurance Analyst

✨Tip Number 1

Network like a pro! Reach out to folks in the industry on LinkedIn or at local meetups. A friendly chat can open doors that a CV just can't.

✨Tip Number 2

Prepare for interviews by researching SGN and its projects. Show us you’re genuinely interested in our mission and how you can contribute to our security assurance efforts.

✨Tip Number 3

Practice your responses to common interview questions, especially around cyber security scenarios. We want to see how you think on your feet and tackle real-world challenges.

✨Tip Number 4

Don’t forget to follow up after your interview! A quick thank-you email can leave a lasting impression and show us you’re keen on the role.

We think you need these skills to ace Information Security Assurance Analyst

Information Security Assurance
Threat Modelling
Cyber Security Risk Assessments
Compliance Checks
Vulnerability Assessment and Management
Cloud Security Architecture
Security Risk and Compliance
Incident Management
ISO 27001
NIST Framework
AWS
Azure
Communication Skills
Team Management
Technical Documentation Review

Some tips for your application 🫡

Tailor Your CV: Make sure your CV is tailored to the Information Security Assurance Analyst role. Highlight relevant experience and skills that match the job description, especially in areas like cyber security frameworks and risk management.

Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you're passionate about this role and how your background makes you a great fit. Don’t forget to mention any specific projects or experiences that relate to the responsibilities outlined in the job description.

Showcase Your Certifications: If you've got certifications like CISM, CISSP, or AWS Solution Architect, make sure they’re front and centre in your application. These qualifications are key for this role, so don’t be shy about flaunting them!

Apply Through Our Website: We encourage you to apply through our website for the best chance of being noticed. It’s super easy, and you’ll be able to keep track of your application status. Plus, we love seeing applications come directly from our site!

How to prepare for a job interview at SGN

✨Know Your Stuff

Make sure you brush up on your knowledge of cyber security frameworks like NIST and ISO 27001. Be ready to discuss how you've applied these in past roles, especially in areas like vulnerability assessment and cloud security.

✨Showcase Your Experience

Prepare specific examples from your 2-3 years of cyber security experience that highlight your expertise in security risk and compliance. Use the STAR method (Situation, Task, Action, Result) to structure your answers.

✨Understand the Role

Familiarise yourself with SGN's mission and the specifics of the Information Security Assurance Analyst role. Be prepared to discuss how you can contribute to their goal of ensuring secure delivery of compliant systems and applications.

✨Ask Insightful Questions

Prepare thoughtful questions about the team dynamics, the tools they use for threat modelling, and how they measure the effectiveness of security controls. This shows your genuine interest in the role and helps you assess if it's the right fit for you.
