Cyber Security Analyst

Posted 3 months ago

Opportunity: Cyber Security GRC Analyst
Location: Crawley or Ipswich, 5 Days a Week for 1st 6 Months, 3 Days On Site after probation
Working Preference: Onsite, Hybrid Working Supported
Salary and Package: £55,000 per year (depending on your experience/technical skill set) plus annual bonus and 8-10% pension contributions

Please note that to apply for this role, you must hold a British Passport and have lived in the UK for a continuous period of 5 years or more. Unfortunately, the client cannot provide sponsorship for this opportunity.

Overview of the client:

A leading supplier of renewable energy in the southeast, our client is looking for an experienced Security GRC Analyst to join them on a full-time basis. This role will see the successful applicant supporting the GRC Manager to implement ISMS across the business. To be successful, you'll have a background in Operational Technology, CAF and CNI, and the problem-solving skills to recommend pragmatic solutions that mitigate IT risks across the organisation. You must also be able to develop and implement new governance and compliance strategies and practices.

Requirements:

- Practical experience in a GRC role or related profession (e.g. risk, audit, cyber security), or similar practical experience in an IT or OT role with a desire to move into cyber security; must have some relevant training in cyber security risk assessment.
- Detailed knowledge and experience in defining, implementing, operating, maintaining, and improving information security management systems (ISMS).
- Experience of internal and external audit engagements, orchestrating and delivering cyber security risk and control assessments, and knowledge of risk processes, frameworks, and procedures.
- Knowledge of compliance, security and regulatory frameworks such as Cyber Essentials, Smart Energy Code (SEC), Network and Information Systems Directive (NIS), National Cyber Security Centre (NCSC) Cyber Assessment Framework (CAF), ISA/IEC 62443, ISO/IEC 27001/27002, GDPR, Cloud Security Alliance (CSA) Star framework, SOC2 Type 2 audits, Information Technology Infrastructure Library (ITIL), Control Goals for Information and Related Technologies (CoBIT).
- Proficient in at least one or more of the following, within a corporate environment:
  - IT / OT operational risks and controls assessment and assurance.
  - Business Continuity Planning and Disaster Recovery testing assurance.
  - 3rd Party Supply chain risks, controls and assurance.

Great to haves:

- Specific GRC related professional training or an academic level equivalent in a related subject with a recognised information security related certification, e.g. CISSP, CompTIA, CISA, CISM, CRISC, MSc Information Security, degree or other formal technical qualifications (e.g. apprenticeship) in a related area, e.g. networking, cyber security, Information Technology, Operational Technology.

As dedicated recruitment professionals, we prioritize confidentiality. InfoSec People values diversity, equity, and inclusion (DE&I). Please share any information or accessibility needs to aid your process; we'll do our best to cater to specific requirements.

For further details, please send the most current version of your CV and a good time to speak to Becca at InfoSec People, or please click apply or get in touch with Becca for an open, honest, and confidential conversation:

📞 01242 507109
📧 #####