Information Security Analyst - Information Security

We're looking for an Information Security Analyst to join our high-assurance EMEA Managed Services Operations (MSO) team at Entrust Security UK Ltd, based near Newbury, Berkshire. Reporting to the Information Security Manager, you'll support all aspects of security, risk, compliance, and awareness, while also acting as Deputy Security Officer for PKI and Certificate Authority operations. This is a hands-on role in a highly trusted environment where security underpins every business activity. This hybrid position requires regular on-site presence (3-4 days per week), so candidates must be commutable to Newbury and have access to transport. Ideal for someone eager to grow across all domains of Information Security, this role offers exposure to critical infrastructure, compliance frameworks, and high-trust operations. How You Will Make an Impact:

• Operational implementation and maintenance of the Information Security Management System (ISMS) ensuring that controls, processes, and standards are complied with, maintained, current and effective
• Reporting of any weaknesses, vulnerabilities, non-conformities or behaviours that undermine the high assurance levels expected of and by Entrust
• Proactively identifying InfoSec improvements, efficiencies, savings and benefits
• Acting as Deputy Security Officer for the Trust Service Centres (TSC), supporting the Company Security Officer, ensuring that corporate policy and local standards and procedures are upheld and maintained to protect Trust Services
• Ensuring conformity to external standards such as ISO27001:2022, tScheme, Cyber Essentials Plus and WebTrust
• Daily interaction with the MSO, providing subject matter expertise support, guidance and advice
• Supporting security enforcing events such as Key Signing Ceremonies (KSC), Hardware Security Module (HSM) operations, CA builds and off-site Trust Services. Activities include:
• Preparation and administration of all artefacts and components required for such activities (documentation, tokens, auditable items, tamper evident containers)
• Management, collection and transfer of all security artefacts and components
• HSM management
• Preparation of security enforcing and audit events
• Audits of security artefacts (on-site & off-site)
• Analysis of customer-specific security compliance requirements and advising the relevant business owner regarding delivery of such controls
• Supporting risk assessments in accordance with the Corporate risk policy and customer requirements
• Supporting all internal and 3rd party audits, both in preparation and attendance
• Supporting the management and maintenance of all local security and relevant standards, procedures and process ensuring ongoing compliance with requirements
• Developing and delivering local security awareness campaigns, training and briefings
• Managing secure destruction and disposal of information assets (paper and media), decommissioning of CA/PKI and related components, in accordance with PKI policy and data retention policy and standards
• Coordinating maintenance of technical security and environmental controls such as Alarms, CCTV, Cooling systems, Standby Generator, and Access Control Systems
• Supporting Business Continuity and Disaster Recovery (BCDR) plans, tests and maintenance

Do you have experience in Splunk?, * ISO27001 Lead Implementer or Lead Auditor certification

• Minimum 3 years' experience in Information Security, including hands-on involvement in managing security programmes
• Ability to meet Entrust's pre-employment screening requirements

Desirable Competencies:

• Professional security qualifications (e.g. CISM or equivalent)
• Strong written and verbal communication skills, with the ability to explain technical concepts clearly
• Self-motivated, process-driven, and detail-oriented
• Critical thinker with a commitment to delivering high-quality outcomes
• Industry certifications such as CRISC, NCSP, CPSA, CEH
• Familiarity with security frameworks and standards (ISO27001, Cyber Essentials, NIST 800-83, JSP 440)
• Experience with SIEM and/or vulnerability scanning tools (e.g. Splunk, Rapid7 Nexpose etc)
• Understanding of PKI management practices and trust standards (tScheme, eIDAS, ETSI)
• Experience of Threat and Vulnerability Management
• Risk assessment and/or Management experience

Required Attributes:

• Current SC Clearance or eligibility to obtain it
• Willingness to work flexibly, including outside core hours when required
• High personal integrity, resilience, and a proactive "can-do" attitude

At Entrust, we're shaping the future of identity centric security solutions. From our comprehensive portfolio of solutions to our flexible, global workplace, we empower careers, foster collaboration, and build solutions that help keep the world moving safely. Get to Know Us Headquartered in Minnesota, Entrust is an industry leader in identity-centric security solutions, serving over 150 countries with cutting-edge, scalable technologies. But our secret weapon? Our people. It's the curiosity, dedication, and innovation that drive our success and help us anticipate the future., The EMEA MSO (Managed Services Operations) is a dynamic business unit within Entrust, providing high-assurance services to mission-critical sectors. We pride ourselves on a culture of flexibility, dedication, and a proactive mindset. Our team members are expected to bring a can-do attitude and a willingness to contribute beyond their core responsibilities when needed. #LI-NR1 At Entrust, we don't just offer jobs - we offer career journeys. Here is what you can expect when you join our team: * Career Growth: Whether you're a budding developer or a seasoned expert, we're invested in your professional journey. With learning-forward initiatives and exciting challenges, your growth is our priority. * Flexibility: Life is all about balance. Whether you're remote, hybrid, or on-site, we offer flexible options that fit your lifestyle. * Collaboration: Here, your voice matters. Our teams thrive on sharing ideas, brainstorming solutions, and working together to build a better tomorrow. We believe in securing identities-but it doesn't stop there. At Entrust, we're passionate about valuing all identities. Our culture is built on diversity, inclusion, and respect. From unconscious bias training for our leaders to global affinity groups that connect colleagues across the globe, we're creating a community where everyone is encouraged to be themselves. Ready to Make an Impact? If you're excited by the prospect of innovating, growing your career, and collaborating in a dynamic environment, Entrust is the place for you. Join us in making a difference. Let's build a more secure world-together. Apply today! For more information, visit www.entrust.com . Follow us on, LinkedIn , Facebook , Instagram , and YouTube For US roles, or where applicable: Entrust is an EEO/AA/Disabled/Veterans Employer For Canadian roles, or where applicable