Job description
Package Description
- Salary up to £55,000
- Hybrid working (Leeds office)
- Generous matched pension scheme
- Annual bonus scheme - up to 15%
- Private Medical Insurance
- Health Care Cash Plan
- 25 days annual leave, plus 8 flexible bank holidays
- Option to buy and sell holidays
- 6x salary death in service
- Paid volunteering day
- A personal GP service enabling you to get a video consultation with an NHS-registered private GP
- A range of shopping discounts, exclusive codes and cashback deals on purchases for a wide range of retailers
- Financial wellbeing support, expert guides, tips and tools to help you manage your money better and improve your financial wellbeing
- Wellbeing support, free specialist counselling, advice and signposting support through our Employee Assistance Programme and Mental Health First Aider network. Anytime access to a Wellbeing hub and a free Wellbeing App
Job Introduction
We are looking for an Information Security Analyst – Governance Risk and Compliance to join our growing Information Security team. You will play a pivotal role in delivering the Information and Cyber Security strategy which aims to significantly reduce information and cyber security risks across MPS.
You will be part of a team responsible for developing and embedding the governance, risk, and compliance framework at MPS, and help drive effective risk management and compliance with information security policies and regulations. This will involve supporting the Information Security Manager to develop the team and its processes as part of a wider Information Security and Cyber Resilience function.
You will undertake governance and assurance activities to support compliance against internal security policies, standards, processes, and procedures, and against external certification frameworks and regulatory body requirements. You will therefore need a working knowledge of relevant frameworks such as Cyber Essentials, ISO27001, GDPR, PCI.
Role Responsibility
- Recommending and driving security improvements using a risk-based approach
- Maintaining information security frameworks, policies, standards, and guidelines and recommending improvements where appropriate
- Assisting with the creation of new policies and supporting standards, and/or the improvement of existing ones, and ensuring they are embedded accordingly across the organisation
- Supporting accurate and timely risk management reporting to governance committees and stakeholders
- Ensuring operational activities adhere to security policies and standards
- Assisting with the design of the information security risk management approach
- Performing information security gap analysis against compliance frameworks, defining and managing risk treatment plans, and reporting
- Engaging with and educating colleagues across the organisation to increase information security awareness
- Defining a schedule of work to conduct third party supplier reviews through security questionnaires and on-site reviews
- Supporting projects and changes to embed security requirements into the development and change lifecycle
- Attending committee meetings, and producing and presenting appropriate security metrics
- Supporting internal and external audit engagements
The Ideal Candidate
The ideal candidate will have previously held an audit, governance or risk and compliance-based role and have experience working in Information / Cyber Security, preferably in the legal, healthcare or insurance sectors. You will have an in-depth understanding of security concepts, specifically related to governance, risk and compliance.
You will have effective organisational, analytical, and independent problem-solving skills and, as a confident communicator, be able to analyse and articulate complex technical information to technical and non-technical audiences. With outstanding written and verbal communication skills, you put an emphasis on confidentiality, tact, and diplomacy.
You will also be proactive and able to work collaboratively across the business and technical teams to build trusted partnerships and to promote a positive, open, and honest culture of risk management and information security best practice.
Diversity & Inclusion
We welcome applicants from all backgrounds, and we encourage you to apply even if you feel you do not match 100% of the technical requirements. We celebrate diversity, promote inclusivity and strive to create a work environment which ensures everyone can be heard.
What’s important to MPS is that our people live our values of Member First, Ambitious, Determined and Empowered.
If you have any questions about any advertised role and how we can support you, please contact our Recruitment Team.
About the Company
Medical Protection Society (MPS) is the world’s leading protection organisation for doctors, dentists and healthcare professionals. We protect and support the professional interests of almost 300,000 members around the world, in countries as diverse as the United Kingdom, South Africa and Hong Kong.
Our philosophy is to support safe practice in medicine and dentistry by helping to avert problems in the first place. We also actively campaign for regulatory and legal reforms that benefit members and the wider healthcare professions. Membership provides access to expert advice and support together with the right to request indemnity for complaints or claims arising from professional practice.
We continue to invest in our team to ensure that we are delivering the best possible service for members. This was recognised in 2016 when we were awarded an Investors in People Silver award.
Job Types: Full-time, Permanent
Salary: Up to £55,000.00 per year
Schedule:
- 8 hour shift
- Day shift
- Monday to Friday
- No weekends
Supplemental pay types:
- Bonus scheme
Work Location: Hybrid remote in Leeds, LS11 5AE