Information Security Analyst

Location Glasgow
Discipline: IT
Job type: Permanent
Contact name: Gary Simpson

Contact email: gary.simpson@change-digital.co.uk
Contact phone: 0141 5668922
Job ref: 155665
Published: about 2 hours ago
Expiry date: 19 Dec 2025 23:59

Are you an experienced Information Security Officer ?

 

Would you like to work for a global company who operate from prestigious offices in the centre of Glasgow ?

 

My client is looking for an experienced InfoSec Officer to work with them on a permanent basis.

 

Its hybrid working, 3 days in the office and 2 from home.

 

Main responsibilities include:

  • This role is responsible for ensuring the security of systems and data by evaluating the risks associated with third-party vendors and internal projects and recommending appropriate risk mitigation strategies.
  • The Information Security Officer will work closely with cross-functional teams, including the IT, Risk & Compliance, project management, and technical teams, to ensure compliance with security standards and best practices.
  • 3rd party risk assessments, supporting incoming questions, supporting technical operational side on policy question, picking up tickets from service desk, managing the mailbox.  Attending meetings.
  • Involved in internal audits - working closely with OGC, Client audits, client commitments team
  • Contract reviews - making sure correct info sec clauses are in place
  • Projects – this will come in time, once they are comfortable with the BAU, types of projects

 

Skills & Experience:

  • Strong Governance/ Risk & compliance GRC background from an information security point of view. If you have a tech background - moved into GRC that would be ideal
  • Bachelor's degree in Computer Science, Information Technology, or a related field (or equivalent work experience).
  • Professional certifications such as CISA, CISM, CISSP or similar credentials are preferred.
  • Strong knowledge of information security principles, best practices, and standards (e.g., ISO 27001, NIST CE+).
  • Experience in co-ordinating and participating in Security audits.
  • Experience in supporting projects from inception through to completion
  • Experience in stakeholder engagement, supporting ISMS governance and implementation across multiple projects or programs of work
  • Experience in conducting project security risk and vendor risk assessments.
  • Familiarity with security frameworks and assessment methodologies.
  • Knowledge of regulatory requirements related to data privacy and protection (e.g., GDPR, CCPA) is a plus.
  • Strong analytical and problem-solving skills.
  • Excellent written and verbal communication skills.
  • Ability to work independently and collaboratively in a team-oriented environment.
  • Attention to detail and a commitment to maintaining high-quality standards

 

This is a fantastic opportunity to join this leading company who offer a great working environment.

 

For more information please get in touch asap.