Information Security Analyst

Information Security Analyst (Contract role) Rate - £550 a day Location - London (Hybrid) Duration - 6 Months initially IR35 - Outside Security Operations: Support the build and implementation of managed security services partnerships - 24/7 SOC service, external vulnerability scanning. Support the development and exercising of incident response plans and runbooks. Assurance on the set-up and config that is managed security monitoring platforms (incl. Tenable IO, Cisco Secure Endpoint). Oversee the eradication of vulnerabilities identified in 2024 pen tests, including status reporting to Senior Management Team. Develop tiered threat intelligence reporting for strategic and operational teams. Security Compliance: Support attainment of key enterprise information security standards (CE+, ISO 27001). Support development and update of Information Security policies and processes. Refresh cyber awareness and training programme. Conduct security risk assessments on new systems. Role requirements: Minimum 3 years' experience in a cyber security operational role, in a complex IT organisation. Good practical knowledge of security and vulnerability monitoring platforms, including Tenable IO, Cisco Secure Endpoint, Cisco Secure Network Analytics, Splunk, MS Defender. Experience of developing and exercising cyber incident response plans. Good practical knowledge of security technologies and wider business solutions including Firewalls, Identity and access management, SIEM, SOC Services Excellent awareness of current and emerging threats and countermeasures and the organisational challenges in addressing these. Knowledge of information security standards and best practice. Experience of achieving key certifications, including practical experience of leading and delivering on ISO 27001 & Cyber Essentials (including any variants) Experience of running highly effective cyber security awareness programmes, including the development of e-learning platforms, training sessions and workshops. Experience of developing and maintaining information security policies, procedures and supporting guidance. Qualifications: CC or equivalent (essential), CISSP or CISM (desirable)