Information Security Analyst
Role details
Job location
Tech stack
Job description
As Information Security Analyst you will be the champion of information security across LifeArc and will be responsible for evaluating, testing, monitoring and maintaining LifeArc's information security policies, procedures and systems.
The Information Security Analyst will be our front-line defender to ensure security controls and processes are aligned with industry standards such as ISO 27001 and overall cyber security. You will be expected to continuously monitor networks and systems for threats and respond to security incidents. Working collaboratively with the Information Security Lead and the wider technology team, you will identify and investigate security risks or violations, determine root causes, and recommend improvements to prevent future incidents.
This role is essential for safeguarding LifeArc's critical information and IT systems, ensuring robust data protection, regulatory compliance and uninterrupted business operations., * Implement, maintain, and monitor core security controls including but not limited to; managing user access, hardening systems, and ensuring all protective tools and patches are up to date and functioning effectively across LifeArc.
- Continuous monitoring and incident detection through monitoring networks, servers, and endpoints for signs of security incidents or anomalies. Investigate alerts to determine validity and severity.
- Create, implement and oversee identity management systems in line with security and compliance need, and managing privileged access using the principle of least privilege.
- Champion compliance with frameworks such as ISO 27001 and help prepare evidence or documentation for any security audits or assessments.
- Perform vulnerability scanning on systems and networks and identify security risks and exposures in the technology environment.
Requirements
Do you have experience in NIST standards?, Do you have a Bachelor's degree?, Are you passionate about making life science life changing and delivering impact for patients? We want to hear from you., * Strong hands-on knowledge of IT systems and security technologies.
- Experience with configuration of tools such as firewalls, and encryption solutions.
- Good working knowledge of industry security standards and frameworks such as ISO 27001, NIST Cybersecurity Framework, SOC2, or CIS Controls.
- Ability to analyse and interpret security risks - including understanding common threat vectors and vulnerabilities.
- Experience with incident response processes and, ideally, basic digital forensics.
Education and/or Certifications:
- Bachelor's degree in Computer Science, Information Security, Information Technolgoy or a related field is highly desirable.
- CompTIA Security+ or other industry-recognised certifications such as GIAC (Global Information Assurance Certifications).
Desirable:
- Specialised training in areas such as incident response, digital forensics, cloud security, or ethical hacking can be advantageous
Skills & abilities:
- Strong attention to detail when dealing with sensitive data and security records
- Strong analytical and problem-solving skills
- Cross-functional communication to be able to communicate and collaborate with non-security specialists.
- Ability to work with high integrity and confidentiality given the sensitive nature of the work; ensuring an ethical conduct is always practised.
Benefits & conditions
Salary will be determined by qualifications and experience along with other exceptional benefits. Because we understand everyone has different requirements, our flexible benefits allow you to choose those which are important to you. Our pension scheme offers employer contributions of up to 12%, private health insurance, and annual leave of 31 days PLUS bank holidays.
