Contact
Search Jobs
Register

Information Security Analyst

727
UK
Permanent
Competitive base salary plus excellent company benefits

Apply now

Why choose us? 

Choosing to work for SMS means choosing to make a difference. We are changing how businesses and consumers use energy for the better, helping achieve a greener, sustainable, and more affordable energy system for everyone. Through our range of innovative energy solutions, we are delivering the future of smart energy – working closely with private and public sector partners we are playing a critical role in transforming and decarbonising the UK economy by 2050.  

 

What's in it for you? 

  • 25 personal holiday days per year (with additional 8 public holidays) increasing to 30 personal days after 5 years of service (includes options to buy and sell) 
  • Hybrid working options. 
  • Enhanced Maternity leave. Paternity and Adoption leave. 
  • Automatic enrolment into our Employee Ownership Scheme.
  • 24/7 free and confidential employee assistance service. 
  • Medicash health plan offers a wide variety of benefits from cashback on everyday healthcare treatments like optical, dental and physio treatments. Discounted gym memberships and free 24/7 online GP. 
  • Life Insurance (4 x annual salary) 
  • Pension matching scheme (up to 5% of salary) 
  • Developing our people is important to us - we support and encourage development by offering internal and external accredited courses, secondments and study support. 

 

 Visit Our People page

What's the role?

The Information Security Analyst, working as part of a wider Information Security team, handling the day-to-day administration of internal infosec, ISMS, audits, including implementation/ adherence to Information Security standards including ISO27001, Cyber Essentials Plus and NIST CSF. Compliance with GDPR regulations and reporting on the implementation of technical controls as needed.

You will support responding to customer and supplier audits, tracking the results, and ensuring any remedial actions are carried out as well as generating management information for various steering level groups. Furthermore, you will be involved in other consulting works as part of the wider InfoSec and IT teams.

The role will report to the Head of Information Security, the scope will cover the SMS PLC group and its subsidiaries to carry out the key responsibilities specified below. Building relationships with internal and external stakeholders is key in delivering against the key metrics within the information security team. The role may involve travel to sites across the UK to perform onsite security audits facilitating both internal and external parties.

In summary, the role is about collaborating with others to enhance the maturity of the organisations IT & Information Security function enabling the business to operate securely and efficiently without compromising productivity. 

This role is offered on a 40 hour contract. The working hours are 8:30 to 5pm, Monday to Friday.

 

Key Responsibilities:

  • Management the Information Security Management System, including writing policies, standards or procedures.
  • Driving maturity against information security standards including ISO27001 and NIST Cyber Security Framework (CSF).
  • Maintaining the IT Risk Register by carrying out regular risk assessments across the group.
  • Supply guidance to Business stakeholders around Information Security/GDPR/Data privacy concerns.
  • Conducting Internal Assessments against ISO 27001 (UK site travel may be needed).
  • Assisting with External Audit Request Process.
  • Report Generation across Information Security areas of responsibility.
  • Data Governance response tasks and data cleansing.
  • Third-party supplier management, RFCs, due diligence.

 

To be considered for this role, we would love you to have/be:

  • A certified Information Systems Auditor (CISA or equivalent).
  • A degree in Information Technology/Computer Information Systems (or equivalent).
  • ISO27001 Lead Auditor/Implementer Certification.
  • Experience of ISO27001 implementation and auditing.
  • Experience of Cyber Essentials Plus.
  • Demonstratable experience within an information security role, with extensive experience on information security processes and regulations.
  • The ability to work under pressure in a fast-paced and developing environment.
  • Strong attention to detail with an analytical mind and excellent problem-solving skills.

 

#LI-Remote



Download Job Profile

Register
Phone
Cookies on this website
We to ensure that we give you the best experience on our website. If you wish you can restrict or block cookies by changing your browser setting. If you continue without changing your settings, we'll assume that you are happy to receive all cookies on this website.

View our Cookie Policy

Accept Essential OnlyAccept All