Information Security & Compliance Analyst

Job Title: Information Security & Compliance Analyst
Location: Cardiff Bay, Wales
Salary: £30-45k depending on experience
Department: Information Security & Compliance
Reports To: Information Security & Compliance Manager


We have an exciting opportunity for an Information Security and Compliance Analyst to join our growing team. As an analyst you will be responsible for assisting and improving the day-to-day support of the ISO27001 certified information security management system/policy suite. You will also support delivery of the user awareness programme and delivery of targeted training to a variety of audiences from sales staff to senior management.

Creditsafe is an inclusive employer, strongly believing that everyone is unique and there should be no limits to ambition. We welcome your application whatever your background or situation.

The ideal candidate will have:

• A good understanding of information security standards and best practice.
• An awareness of laws and regulations relevant to the protection of information and the potential consequences of non-compliance.
• An understanding of how information security can impact an organisation.
• Experience of document lifecycle development for a large organisation.
• The ability to advance stakeholder thinking on information security management.
• Good experience in training and awareness, compliance or governance roles.
• A driven and proactive attitude.

Key Responsibilities:

• Contributing to the effectiveness of the information security management system (including documentation review and governance).
• Regularly documenting, reviewing and updating information security policies, procedures and standards based on feedback from internal/external audits, the team and stakeholders.
• Managing the information security user awareness programme.
• Managing the continuous service improvement register and associated tasks and tracking.
• Supporting expansion of new certification programmes across the business.
• Supporting the Information Security and Compliance Manager and team in delivering the information security strategy.

• Clear and concise communicator.
• Knowledge of information security and compliance frameworks such as ISO27001, Cyber Essentials etc.
• Ability to engage with stakeholders at all levels.
• Ability to present training content in an engaging way.
• Ability to collaborate with multidisciplinary teams.
• Strong organisational and task management skills.
• Strong Microsoft SharePoint Online, Excel, Word, PowerPoint and Visio skills.
• Has an understanding of information security requirements and best practices and / or experience in an information security role.

Essential Qualifications & Specialist Training:
• ITIL v4.
• Degree or equivalent combination of education and experience (e.g. in a technical / training area and business administration).

Desirable Qualifications & Specialist Training:
• Information security management qualifications (e.g. CISA, CISM).
• ITIL Foundation Certification.
• Other relevant information security certifications.