Improbable • London

Information Security Risk Analyst

Job Description

The Defence Security Team looks to support all teams throughout the business and meet objectives in the most secure manner possible. Collaborating closely with the Core Security Team and Engineering teams, we identify and safeguard assets against malicious threats, promptly responding to and recovering from various security incidents.
We are responsible for managing security risks in three core domains - Cyber, Personnel, and Physical. As our clients have specific security requirements, our team plays a vital role in implementing robust security controls for defined outcomes and maintaining tailored assurance measures. Currently, we are seeking a proactive and systematic Security Analyst to spearhead the development of an effective security culture across all business functions.

Your Opportunity:

  • Lead security risk assessments across different security domains, projects, operational requirements, and technical change initiatives.
  • Enhance and refine the Information Security Management System (ISMS) to align with the company's current practices.
  • Develop new metrics, KPIs/KRIs to strengthen risk management capabilities.
  • Effectively communicate the security implications of technical decisions, risk mitigation strategies, and alignment with risk tolerance levels to stakeholders at all organizational levels.
  • Participate in due diligence and ongoing risk management activities related to supply chain operations.
  • Analyze and interpret threat intelligence to offer risk advisory and tutorial services to various Defence teams.
  • Oversee the creation and maintenance of new security standards and procedures to enhance staff security culture, including support for personnel and physical security processes in line with HMG handling requirements.

Why You're Made For This:

  • Demonstrated expertise in ISO27001 or NIST CSF.
  • Familiarity with risk management principles, best practices, and emerging toolkits such as Cyber Essentials and/or ISO27001.
  • Understanding of ISO 9001 and Quality Management Systems (QMS) and their interactions with ISO 27001.
  • Knowledge of internal audits and their value in managing organizational systems.
  • Experience with UKSV Vetting, including staff clearance management and vetting awareness campaigns.

Company benefits

Work from anywhere scheme – up to 30 days working from abroad
Health insurance
Dental coverage
Dog friendly office
Enhanced maternity leave – 26 weeks full pay + 13 weeks statutory maternity pay
Enhanced paternity leave – 4 weeks full pay
Shared parental leave
Pregnancy loss leave
Fertility treatment leave
Adoption leave
Enhanced sick pay
Enhanced WFH tools
Teambuilding days
Open to part time work for some roles
Wellbeing allowance
Compassionate leave
Mental health platform access
Women’s health leave
Time off in-lieu
Optional unpaid leave
Carer’s leave
On-site massages
On-site yoga classes
Fully stocked snack cupboard
Meditation space
Cycle to work scheme
Life insurance
Annual pay rises
Interest free loans
Share options
Equity packages
Sabbaticals
Volunteer days
Personal development budgets
Relocation packages
L&D budget
Employee discounts
Financial coaching
Employee assistance programme
Skilled worker visas
Charity donation scheme
Work from home budget
Travel loan
__ days annual leave + bank holidays

Working at Improbable

Company employees:

50

Hiring in countries

United Kingdom

Office Locations

Awards & Accreditations

Most flexible companies

Flexa100 2024
DeepTech, Data & AI

Industry awards 2023