Information Security Analyst

The Information Security Analyst supports the Director of Information Security by operating, monitoring, improving and reporting on cyber controls across IT environments. The role focuses on coordinating security operations with third-party partners, producing evidence for audits/certifications, and supporting the business reduce cyber risk while maintaining productivity., * Security Operations & Incident Management: Monitor and triage security alerts, coordinate investigations with SOC/MDR partners, maintain incident records, and support escalation and post-incident reviews.

• Vulnerability & Risk Management: Validate vulnerabilities, support remediation with technical teams, track ageing issues, and manage risk exceptions with compensating controls and remediation plans.

• Security Controls & Governance: Support identity, endpoint, and data protection controls (e.g., MFA, privileged access, EDR/XDR), report on control health, and represent Information Security in change and architecture governance processes.

• Security Integration & Advisory: Work with IT and operational teams to embed cybersecurity practices into systems, processes, and technology changes.

• Security Awareness: Deliver and enhance security awareness programmes and phishing simulations tailored to organisational risks and workforce needs.

• Vendor & Service Management: Act as an operational contact for security vendors and partners, monitoring service performance and resolving issues.

• Continuous Improvement: Stay informed on emerging threats and technologies and recommend improvements aligned with organisational risk tolerance and operational requirements.

• Education & Experience: Degree in Cyber Security, Computer Science, or a related field (or equivalent experience) with practical experience in security operations and incident handling, including SIEM/EDR and working with SOC/MDR providers.

• Security & Compliance Knowledge: Experience supporting recognised security frameworks and compliance requirements such as ISO 27001, NIST, Cyber Essentials Plus, and potentially defence-related standards (e.g., CMMC/DEFCON).

• Technical Understanding: Working knowledge of core security technologies including firewalls, EDR/XDR, DLP, IAM/PAM, and SIEM, and how they contribute to reducing cyber risk.

• Professional Skills: Strong analytical, problem-solving, and communication skills, with the ability to explain security concepts to both technical and non-technical audiences.

• Collaboration & Working Style: Able to work independently, prioritise tasks effectively, and collaborate across IT and business teams in a global environment.

Desirable Skills:

• Security certifications (e.g., CompTIA Security+, Microsoft SC-200/SC-300, vendor certifications for EDR).

• Experience in manufacturing, engineering, or other regulated environments with high availability expectations.

• Familiarity with control effectiveness testing and evidence pack preparation.

Each company within the Planet Equity Group is a "data controller" Full details regarding how we hold your data is available within our Privacy Notice accessible at our website. #TECH