Information Security Analyst

 Location: Edinburgh Hybrid 
Type: Full-time | Permanent
Sector: Financial Services / Regulated Industry

How do we protect information at the organisational level? If this is a question you like to answer then this could be the role for you. We're working with a forward-thinking financial services organisation that’s expanding its Information Security team with a new Information Security Analyst role. This is a fantastic opportunity to make a real impact in a collaborative, fast-paced environment where security is a top priority.

The Role

As an Information Security Analyst, you’ll play a key role in enhancing the organisation’s security posture. You’ll work across departments and with third-party partners to support risk management strategies, improve security maturity, and contribute to the development of policies, training, and awareness programs.

This is a hands-on role where you’ll lead initiatives, support audits and regulatory engagements, and help shape how security is assessed and reported using frameworks like NIST CSF, CIS CSAT, ISO27001, and Cyber Essentials+.

Key Responsibilities

• Assess and document security control designs and operational effectiveness
• Lead tabletop exercises and threat modelling sessions
• Support and mentor other security team members
• Develop and deliver security training and awareness initiatives
• Assist with vendor risk assessments and intra-group risk reporting
• Maintain structured reporting and audit trails
• Engage with auditors, regulators, and internal stakeholders
• Contribute to policy development and oversight of critical outsource partners
• Collaborate with Security Operations and Application Security teams

About You

You’re a detail-oriented, proactive professional who thrives in a collaborative environment. You’re inquisitive, analytical, and comfortable translating technical insights into clear, actionable outcomes. You enjoy mentoring others and are confident working independently while knowing when to escalate or collaborate.

Skills & Experience

• Strong understanding of information security risk management and ISMS principles
• Experience with security controls in software development lifecycles
• Familiarity with NIST CSF, CIS CSAT, ISO27001, or Cyber Essentials+
• Skilled in threat modelling and maturity assessments
• Experience supporting audits and regulatory reviews
• Knowledge of vendor risk management and supply chain security
• Excellent communication and documentation skills
• Proficiency with tools like Jira, Confluence, and Microsoft 365
• Experience in financial services or regulated environments is a plus

Why Apply?

• Join a growing team in a newly created role
• Work in a collaborative, forward-thinking environment
• Influence key security initiatives and frameworks
• Opportunity to grow and develop your career in a regulated industry

📩 Interested?
Apply now or reach out to Christina Hall at [email protected] or 0141 370 9911