Information Security Analyst - Governance, Risk & Compliance

Overview

Role

Title:

Information Security Analyst – GRC

Location:
Leeds, W. Yorkshire (Hybrid - 2 days per week on site)

Contract:
Permanent

Working Pattern:
Full Time (37.5 hours p/w)

We have an exciting opportunity for an experienced Information Security Analyst to join our established GRC Information Security team in Leeds!

As a trusted expert in Information Security and Risk Management, you’ll play a key role in shaping how new systems and processes are developed, ensuring they meet essential security and compliance requirements including ISO 27001, PCI-DSS and industry best practise.

You’ll also lead security risk assessments and manage the remediation of vulnerabilities, risks, and audit findings across MPS’s networks, systems and software applications, driving a secure-by-design methodology throughout the organisation. By helping to deliver consistent, high-quality security assurance and controls, you’ll support the reduction or remediation of information security risks across the organisation.

As our new Information Security Analyst, you will also

• Monitor for and provide robust challenge of emerging risks and issues arising from business activities which fail to deliver appropriate and consistent outcomes for our members
• Work with Security Operations to identify further security awareness requirements following incidents and current threats
• Drive and coordinate remediation of risks and audit findings identified that enhance weakness in MPS security controls.
• Work on and drive security-related projects, to ensure security requirements have been met and call out any risks identified against MPS risk appetite
• Liaise with relevant teams in specialist areas to manage security and ensure contractual and regulatory requirements are

We are looking for:

• Significant experience of information security from a technical and compliance perspective
• Working knowledge of security domains, auditing standards and frameworks and risk analysis frameworks including ISO 27001 and Cyber Essentials etc.
• Experience of managing technical projects from design to implementation
• Excellent attention to detail, analytical skills and an ability to analyse complex technical information in order to identify patterns, trends and risks
• Ability to communicate with a range of technical and non-technical team members and other relevant individuals at all levels of the business

We welcome applicants from all backgrounds, and we encourage you to apply even if you feel you do not match 100% of the technical requirements. We celebrate diversity, promote inclusivity and strive to create a work environment which ensures everyone can be heard.

In return, we can offer

• Discretionary on-target bonus of 10%. Up to a max 20% based on performance
  11% pension contribution (3% from you, 8% from us – optional additional matched 3% contributions, e.g. 6% from you, 11% from us)
• 25 days annual leave. Flexible public holidays and option to buy/sell additional leave
• Private Medical Cover
• Car Salary Sacrifice scheme
• 6x salary death in service
• Holistic health and wellbeing support package
• A truly flexible hybrid-working arrangement
• A culture that promotes inclusivity, wellbeing and rewards hard work

Medical Protection Society (MPS) is the world’s leading protection organisation for Doctors, Dentists and healthcare professionals. We protect and support the professional interests of almost 350,000 Members around the world.

We are a not-for-profit organisation, meaning our Members’ premiums are kept safe should our Members require support for complaints or claims arising from professional practice, or invested into bettering the organisation, our colleagues and our products.

Our philosophy is to support safe practice in medicine and dentistry by helping to avert problems in the first place. We also actively campaign for regulatory and legal reforms that benefit Members and the wider healthcare professions.

To do this, we need colleagues who are trusted and supported to deliver their best work, whether that be through leadership development, fully-funded training courses or peer-to-peer support. We want our colleagues to feel empowered enough to deliver positive change, display ambition to push themselves and are determined when faced with a challenge, whilst ensuring our Member’s best interests are at the core.

Next Steps

If you are interested in finding out more, looking for a new role and want to join an organisation that truly values its employees, take a look at the role profile to find out more about the role to apply.

Our Talent Acquisition team are always on hand should you have any questions, are having any technical issues or wish to understand how MPS can support you with your application and interview. You can contact our Talent Acquisition team by emailing (Use the "Apply for this Job" box below).