Information Security Analyst

About the Role Our London-based IT team are seeking a Senior Information Security Analyst reporting to the Head of Technology to work with the Infrastructure and Service Desk teams in London, Singapore, and Hong Kong, handling security incidents and collaborating with senior management on strategies to reduce risk and protect our global offices across London, Asia, Europe, and the United States.

This is a hybrid role requiring a minimum of three days in the office and up to two days working remotely after initial training. Tuesday and Thursday are core office days.

Your Responsibilities Security Operations

• Oversee M365 security by applying clear policies and initiatives.
• Implement best practice controls for infrastructure and end user devices, including secure configuration, access management, and device protection. Collaborate with Infrastructure and Service Desk Managers to ensure measures are properly executed.

Vulnerability Management

• Conduct regular vulnerability assessments-including third-party penetration tests and IT health checks-on systems, networks, and applications.
• Identify, analyse, and prioritise vulnerabilities using risk assessment and threat intelligence to address the most critical issues first.
• Collaborate with the IT team to implement remediation plans and lead mitigation efforts.
• Monitor vulnerabilities and work with relevant teams to ensure timely resolution and patching in line with organisational policies, while enhancing automation for compliance.

Security Monitoring and Incident Response

• Collaborate with our outsourced monitor, detect, respond (MDR) SOC to address security threats.
• Coordinate with MDR providers to enhance security automation for better detection, response, and mitigation.
• Maintain and test information security and incident response procedures, playbooks, and processes to ensure ongoing effectiveness.

Security Compliance and Governance

• Ensure security settings meet recognised frameworks (e.g., Cyber Essentials Plus) and regulatory standards.
• Work with the Head of Technology to improve information security.
• Monitor infrastructure and endpoint settings to maintain compliance with security policies.

• 2 yrs+ experience as an information security analyst, with 1yr+ at a senior level.
• Proven experience of working with M365 security solutions, and system configuration and hardening.
• Hand on experience of working with operating systems including Windows and Linux, configuring firewalls and networking.
• Experience of Microsoft Sentinel, Defender, Conditional Access policies and MFA.
• Knowledge of Cyber Security best practice, NIST, Cyber Essentials Plus or ISO 27001 frameworks
• Strong understanding of information security best practices together with KQL skills and proficiency which would be beneficial.

Qualifications/Education

• Degree or postgraduate degree in Computer Science, Cybersecurity, Information Technology, or equivalent industry experience.
• A cybersecurity certification would be beneficial.

Competencies

• Team Player - an awareness and willingness to work as part of a team, and using own initiative is essential e.g., readily contributing to team initiatives and responding positively to requests for help.
• Interpersonal skills - develops positive relationships with a wide range of people and ability to quickly build credibility and enhance the user experience with internal staff.
• Communication - Ability to communicate at all levels effectively and clearly, quickly assimilate information, establish key issues and to record and assign appropriately.
• Planning and organising - Plans and organises time effectively. Achieves targets and deadlines and copes well under pressure.
• Problem solving - Ability to work on own to troubleshoot issues by establishing the facts, analysing, and solving logically in a timely manner.
• Challenge - Challenging the status quo and actively looking at ways to improve the user experience through more efficient and reliable solutions.
• Accurate / detail orientated - take pride in their work and can work accurately with detailed information and work to deadlines and/or key milestones.
• Reliable and punctual - consistently punctual and dependable in both their attendance as well as in their work.

We can offer you a competitive salary and a varied benefits package. We have a hybrid working policy, three days from the office and two days from home. We are proud of our friendly workplace culture, where we offer ample opportunities to socialise and connect with each other.

About Us Tindall Riley manages three insurance businesses. The Britannia Group ( Britannia P&I ), a mutual club that provides protection and indemnity ('P&I') insurance and freight, demurrage and defence ('FD&D') cover to shipowners and charterers around the world. The Griffin Insurance Association Limited (Griffin), an insurance mutual that provides professional indemnity insurance to broking firms and MGAs around the world. The Wren Insurance Association Limited (Wren), an insurance mutual that provides professional indemnity insurance to architectural practices operating in the UK and overseas. Today, we employ over 300 people globally across 9 offices and have a shared commitment to providing exceptional insurance services for our Members worldwide. At Tindall Riley, our culture is defined by our core values : * We think mutual: Our primary focus is serving our member's needs and we are committed to providing the best service. * We are one team : We collaborate across associations, teams, and geographies to deliver on our shared mission. * We take ownership : We each contribute with pride, initiative, and accountability-bringing energy and focus to our work. * We communicate respectfully : We listen, share openly, and value diverse views, fostering a culture of trust and transparency. * We embrace the future : We're open minded, adaptive to change, and curious about new technologies and ways of working.