Information Security Analyst - Vulnerability Management

You'll play a key role within the Information Security function, taking ownership of vulnerability management activity across the business. Working with class-leading tools and cross-functional teams, you'll ensure vulnerabilities are identified, assessed, communicated and addressed in a structured, risk-led way. You'll also coordinate third-party testing, support project teams, contribute to audits, and help maintain compliance across multiple operational jurisdictions., * Conducting vulnerability scanning and reviewing results to assess risk and impact

• Scheduling scans across all business endpoints with minimal operational disruption
• Planning and coordinating internal and external penetration testing
• Communicating risk clearly to both technical and non-technical teams
• Supporting projects to ensure information security is built in from the outset
• Helping maintain compliance with regulatory and security requirements
• Acting as an escalation point for vulnerability-related issues
• Creating and maintaining clear technical documentation
• Monitoring emerging threats and escalating relevant risks
• Supporting internal and external audits where required, Should we both wish to proceed, we will submit your details to the client and be in touch regarding the outcome and any further steps.

The interview process for this client consists of:

• Stage 1 - 30-60 minutes technical and competency interview via MS Teams
• Stage 2 - 60-90 minutes technical assessment
• Stage 3 - 60-minute face-to-face interview with hiring manager

You'll bring a strong foundation in information and cyber security, alongside hands-on experience in vulnerability scanning, analysis and technical investigations. You'll be comfortable articulating risk, prioritising remediation, and working collaboratively with teams across the business. Excellent communication, organisation and attention to detail are essential, along with a pragmatic, solution-focused approach to governance and risk.

We're looking for someone with:

• A solid understanding of information and cybersecurity principles and technologies
• Practical experience conducting vulnerability scans and evaluating results
• Experience in security-related technical investigations
• Awareness of industry-standard security practices and emerging technologies
• Knowledge of PCI DSS (current version)
• Strong documentation, communication and stakeholder engagement skills
• Excellent organisational skills and the ability to work to deadlines
• A pragmatic, flexible, "can-do" attitude to governance and risk, * Vulnerability
• Vulnerability Management
• PCI DSS
• Vulnerability Assessment

• Performance-Based Bonus
• Annual bonus paid in two instalments (April & September), based on company and personal performance.
• Pension Scheme
• Employer-matched contributions of up to 7.5%.
• Hybrid Working
• Minimum 2 days per week in the office, with flexibility on which days.
• Flexible Working Hours
• 40-hour workweek with flexibility in how hours are structured.
• Generous Annual Leave
• 25 days holiday + your birthday off, plus bank holidays. Option to buy or sell up to 5 additional days.
• Free Gym Membership
• Available to all employees.
• No Visa Sponsorship Available for this role.

Our client renowned for its commitment to innovation, scalability, and cutting-edge technology. Operating at the forefront of digital solutions, they leverage bespoke and third-party systems to drive efficiency and enhance business operations. This is an exciting opportunity to join a forward-thinking organisation that prioritises technological evolution and continuous improvement.