Information Security Analyst

London, England, United Kingdom - Remote

Applications have closed

OPEN Health

We are a medical affairs partner providing HEOR, market access, medical communication and omni campaign consulting services.

View company page

You will love this role if you:

  • Understands the need to collaborate with other teams/departments
  • Being able to contribute at many levels to improving the role and the team objectives
  • Love working with Metrics
  • Can make the technology do amazing things

As part of the OPEN Health Information Security team, you’ll be responsible for the following activities:

  • Work in partnership with Legal and GRC teams to define and implement data protection standards that will support the implementation of the required privacy protocols and standards across the organisation
  • Consult and offer advisory services to OPEN Health itself but on occasions – to clients and suppliers
  • Work to protect the security of the OPEN Health organisation
  • Help the Head of Operations with Information Security specific items when necessary
  • Work with external DPO and Information Security partners to ensure the OPEN Health technology environment is as secure as possible for our client and practice data, as well as using these sources to constantly evolve our process & procedures
  • Work with colleagues to ensure that all Information Security requirements including ISO 27001 compliance and implementing a fully functioning Information Security Management System (ISMS)
  • Help establish and maintain Information Security Policies
  • Keep up to date with the latest security and technology developments
  • Research/evaluate emerging cyber security threats and ways to manage them
  • Help plan for disaster recovery and create contingency plans in the event of any security breaches
  • Alongside the CSoC, monitor for attacks, intrusions and unusual, unauthorised or illegal activity
  • Research security enhancements and make recommendations to management,
  • test and evaluate security products
  • Develop systems and processes for security best practices throughout the company
  • Design new security systems or advise/help upgrade existing ones
  • Use various analytic tools to determine emerging threat patterns and vulnerabilities
  • Identify potential weaknesses and implement appropriate measures
  • Investigate security alerts and provide incident response
  • Monitor identity and access management, including monitoring for abuse of permissions by authorised system users
  • Liaise with stakeholders in relation to cyber security issues and provide future recommendations
  • Generate reports for both technical and non-technical staff and stakeholders
  • Maintain an information security risk register and assist with internal and external audits relating to information security
  • Monitor and respond to 'phishing' emails and 'pharming' activity
  • Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues
  • Give advice and guidance to staff on issues such as spam and unwanted or malicious emails

What you’ll bring:

  • An ability to work on your own
  • Adapt at understanding the need for security-specific metrics
  • Expert knowledge and experience as a Data Practitioner and showing familiarity in a number of technology infrastructures (MS365, SharePoint, OneDrive and Azure) and must be accustomed to frameworks such as NIST, ISO27001, SOC II
  • Evidence of at least 3 years working first-hand with IS27001/ITIL-based policies and procedures
  • Knowledge of Data Classification and associated handling procedures
  • Knowledge of penetration testing, network security, and the techniques used to expose and correct security flaws
  • A broad understanding of security technologies including firewalls, proxies
  • SIEM, antivirus/patching software, IDP/IPS, Netwrix access permission auditing
  • The ability to identify and spotlight vulnerabilities on on-premises, Cloud (specifically AZURE) and remote networks; help correct problems, and prevent security breaches
  • Able to work a rotating weekly schedule 8:00 am – 4:30 pm and 12:00 pm - 8:30 pm
  • CompTIA Network+ which helps evaluate and validate your skills and knowledge in designing, managing, troubleshooting, and configuring networks.
  • CompTIA-CySA+ - Preferable
  • Certified Information Systems Security Professional (CISSP) - Preferable
  • Systems Security Certified Practitioner (SSCP) - Preferable
  • EC-Council - ECSA - Certified Security Analyst - Preferable
  • Certified Information Systems Auditor (CISA) - Preferable

What we offer:

As a global organization, OPEN Health is committed to supporting our employees and their families through a comprehensive benefits program

  • Competitive pay, generous paid vacation and holidays, and health insurance programs across all our locations
  • Ongoing training and development opportunities which foster and shape your individual career path
  • An active and growing commitment to bettering the communities our employees call home through our Corporate Social Responsibility program
  • The opportunity to thrive in a global, collaborative environment while working every day to improve health outcomes and patient wellbeing.
  • Diverse, Inclusive culture that encourages you to bring your whole self to work


Can be based in any of our UK Offices or Remotely in the UK or Ireland

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Tags: Audits Azure CISA CISSP Cloud Compliance CompTIA ECSA Firewalls IAM Incident response IPS ISMS ISO 27001 ITIL Monitoring Network security NIST Pentesting Privacy SharePoint SIEM SOC SSCP Vulnerabilities

Perks/benefits: Career development Competitive pay Health care

Regions: Remote/Anywhere Europe
Country: United Kingdom
Job stats:  41  5  0
Category: Analyst Jobs

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.