Senior Security Analyst

Get AI-powered advice on this job and more exclusive features.

This range is provided by La Fosse. Your actual pay will be based on your skills and experience — talk with your recruiter to learn more.

Base pay range

Direct message the job poster from La Fosse

Senior Information Security Analyst – GRC / NIST

Financial Services Company | Guildford (Hybrid, 2 days/week) | up to £70,000 + Bonus + Benefits

A well-established financial services organisation is seeking an Senior Information Security Analyst to join its maturing InfoSec GRC function. This is a hands-on role focused on implementing the NIST Cyber Security Framework (CSF) and leading key security initiatives across the business.

The successful candidate will report into the GRC Manager and work closely with senior leadership across multiple business units, helping to uplift overall security maturity and embed governance best practices.

What You’ll Be Doing

• Leading day-to-day GRC initiatives aligned to the NIST CSF

• Designing and implementing controls, policies, and procedures in line with frameworks such as NIST, ISO 27001, PCI DSS, DORA, and Cyber Essentials

• Conducting risk and control assessments, identifying material gaps, and managing remediation

• Supporting compliance activities including internal security frameworks and regulatory obligations

• Working cross-functionally to integrate risk management into business-as-usual activity

• Producing risk reports, metrics, and dashboards using Excel and Power BI for governance forums

• Guiding junior members of the team and influencing stakeholders across a federated environment

What They’re Looking For

• 4+ years of experience in information security, with a strong focus on governance, risk, and compliance

• Hands-on implementation experience with NIST CSF is essential

• Broad understanding of security frameworks such as ISO 27001, PCI DSS, DORA, and Cyber Essentials

• Strong data analysis and reporting skills, ideally using Excel and Power BI

• Experience working within regulated industries (e.g. financial services, insurance)

• Confident communicator who can operate independently and engage non-technical stakeholders

Relevant certifications such as CISSP, CISM, CRISC, or ISO 27001 Lead Implementer are highly desirable.

Seniority level

• Seniority level

  Mid-Senior level

Employment type

• Employment type

  Full-time

Job function

• Job function

  Information Technology

• Industries

  Staffing and Recruiting

Referrals increase your chances of interviewing at La Fosse by 2x

Sign in to set job alerts for “Security Analyst” roles.

Guildford, England, United Kingdom 5 days ago

Guildford, England, United Kingdom 4 days ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.