More jobs:
Senior Information Security Analyst
Job in
Greater London, London, Greater London, EC1A, England, UK
Listed on 2026-01-17
Listing for:
Canary Wharf Group
Full Time
position Listed on 2026-01-17
Job specializations:
-
IT/Tech
Cybersecurity, Information Security
Job Description & How to Apply Below
Department:
Technology
Company:
Canary Wharf Limited
Reporting to:
Associate Director - Information Security & IT Risk
** JOB SUMMARY
** Under the direction of the Associate Director - Information Security & IT Risk the post-holder will play an important role in protecting the Canary Wharf Estate and Canary Wharf Group from information and cyber security threats and hazards.
From the outset, the post-holder will be exposed to a wide range of stakeholders across all levels and will gain great insight into how information security is managed in the organisation and support the business strategy.
Salary range 70,000 - 75,000 per annum.
** MAIN RESPONSIBILITIES
*** Support the Associate Director - Information Security & IT Risk in the development of new information and cyber security policies, processes, and procedures.
* Acting as Senior Information Security partner to stakeholders and internal Technology teams across Canary Wharf Group, working proactively to embed security into initiatives, programmes, and projects through early engagement and pragmatic, risk-based advice.
* Provide expert review and challenge of technology solutions and designs, advising on security risks, control requirements, and opportunities to improve information and cyber security maturity.
* Help design, assess, and improve technical security controls, including leading Cloud Security Assessments and tracking remediation activities.
* Lead third-party information security risk management activities, including supplier security assessments, risk evaluations, and engagement with vendors to address identified security gaps.
* Lead information security assurance activities, including control effectiveness reviews, thematic assessments, and support for internal and external audits, ensuring findings and remediation actions are managed to completion.
* Play a key role in the operation and continual improvement of the ISO 27001 Information Security Management System (ISMS) and Cyber Essentials Plus, including control ownership, audit preparation, and evidence management.
* Ensure information security is embedded into organisational change by collaborating closely with Technology and project delivery teams, providing security input and sign-off for projects, system changes, and new services, and promoting security-by-design principles.
* Provide senior information security support during security incidents, including impact assessment, containment advice, lessons learned, and post-incident improvement activities.
* Own and evolve the group-wide information security education and awareness programme, including the design and delivery of targeted training and in-person sessions for colleagues and senior stakeholders.
* Develop and maintain information security metrics, dashboards, and reporting to support governance forums and senior management decision-making, including risk posture, control maturity, and compliance status.
* Further your professional development and understanding of information and cyber security through the completion of training and attendance at industry conferences.
* Assist our data protection team with Data Protection Impact Assessments and related tasks.
* Deputise for the Associate Director - Information Security & IT Risk when required, providing leadership, continuity of service, and mentoring support to junior team members.
** PERSON SPECIFICATION
*** At least 3 years of experience in Information Security or a closely related discipline.
* Holders of a STEM (Science, Technology, Engineering or Mathematics) qualification are preferred; individuals from all educational backgrounds will be considered. Qualifications as CISM, CRISC, CompTIA Security + or equivalent are desirable.
* Practical experience with enterprise security tools and technologies (e.g., endpoint protection, data loss prevention, identity and access management, security monitoring, and threat detection solutions).
* Ability to interpret outputs from security tools and use them to inform risk decisions and remediation activities.
* Ability to work autonomously and manage projects/tasks through their lifecycle to completion.
* An awareness of recent developments which have impacted information and cyber security.
* An understanding and appreciation of why information and cybersecurity are important to businesses, in particular real estate and construction.
* Excellent communicator with strong verbal and written skills, with the ability to interact at all levels of an organisation.
* Robust organisational skills with the ability to manage multiple tasks working to deadlines.
* Prepared to work flexibly and varied hours as required, including out-of-hours call-out and attendance.
** HEALTH SAFETY AND WELFARE RESPONSIBILITIES
** All staff are required to fulfil their legal duty to take reasonable care for the health and safety of themselves and others who may be affected by their acts and omissions, and to follow all guidance and instructions given in this respect.…
Position Requirements
10+ Years
work experience
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
Search for further Jobs Here:
×