Information Security Risk Analyst
London, United Kingdom
Informa is a leading international events, intelligence and scholarly research group.
We’re the specialist’s specialist. Through hundreds of powerful brands, we work with businesses and professionals in specialist markets, providing the connections, intelligence and opportunities that help customers grow, do business, make breakthroughs and take better informed decisions.
Informa is listed on London Stock Exchange and a member of FTSE 100, with over 11,000 colleagues working in more than 30 countries.
Informa’s divisions include:
Informa Connect, a specialist in content-driven events and digital communities that allow professionals to meet, connect, learn and share knowledge.
Informa Markets, creating platforms for international markets to trade, innovate and grow. Through over 500 leading brands, our exhibitions, specialist digital content and data solutions allow customers operating in specialist markets to meet and trade, and for their businesses and markets to thrive.
Informa Tech, a division bringing specialism in technology. We aim to inspire the global technology community to design, build and run a better digital world through research, media, training and events that inform, educate and connect businesses and professionals working in technology.
Taylor & Francis, specialist in scholarly research and in helping academic and research communities make new breakthroughs. We commission, curate, produce and publish scholarly research and reference-led content in specialist subject areas, helping to advance research and enabling knowledge to be discovered and shared.
Global Support is Informa's sixth division, with major hubs in the United Kingdom, United States, Hong Kong and Singapore as well as several smaller locations. As the team behind the teams, Global Support colleagues provide shared, efficient business services and function-specific expertise to each of Informa's operating divisions, enabling our commercial teams to focus on their markets and customers.
The Information Security Risk Analyst role is part of Group Information Security team within the Informa Global Support division of Informa Plc.
The Information Security Risk Analyst role will be responsible for assessing security risks and monitoring risk indicators and remediation activities across the Group.
This important role will support the Information Security Risk Management function and associated processes. This includes process maintenance and continuous improvement, liaising with business stakeholders to ensure information security risk management is done so effectively.
Key Areas of Responsibility/Accountability
- Understand and measure the information security risk posture of divisions to assess security risks and monitor remediation activities.
- Report on the status of risks and on the risk profile of divisions to the InfoSec team and the Risk Committee as needed.
- Perform risk assessments in line with security best practice and the Informa InfoSec Management framework and policies.
- Supporting the Information Security Risk Manager in building and maintaining the Risk framework in the Information Security Risk Register tool.
- Recording risks in the Information Security Risk Register, and updating those with findings, controls and remediation plans.
- Provide advice and guidance on risk remediation actions.
- Support the Information Security Risk Manager with the development, delivery and management of reporting capabilities on Information Security risks and Key Risk Indicators.
- Improving Risk Assessment processes and documents.
- Liaise with business stakeholders to advise them on the status of their security risks.
- Support divisional Information Security Officers with their security risk assessments
- Supporting IT stakeholders with their IT risks as needed
- Work collaboratively with the Third Party Risk Analyst to ensure consistent risk analysis and management
- Occasionally support the Third Party Risk Analyst with Third Party Risk Assessments
- Continuously research and review publicly- and Informa-available risk sources to stay abreast of current threats and risks
- Contribute to the overall Information Security programme of improvements across the Group.
- 3 years of experience in (InfoSec) Risk fundamentals.
- Good stakeholder management and engagement skills.
- Good InfoSec and IT knowledge
- Experience in performing impact, likelihood and risk analyses / assessments.
- Ability to ‘translate’ technical security issues to business risk
- Ability to suggest pragmatic technical and organisational controls to manage identified risks
- Ability to form complex communications/messages in a simple, clear and concise manner to the various parts of the group.
- Excellent written and verbal communication and presentation skills.
- Effective and creative problem-solving skills.
- Proven track record of operating in time critical, diverse, creative and corporate Environments.
- Experience of working with multiple stakeholders.
- Understanding of (InfoSec) risk management concepts
- Ability and confidence to prioritise and balance conflicting and diverse demands from technical and business perspectives.
- Good reporting & analytical skills, preferably advanced in MS tools.
- Experience in working with Governance Risk Compliance (GRC) tools
- CISA/CRISC desired but not essential.
Employee experience is very important to us at Informa. On top of joining a supportive, diverse and ambitious team that welcomes all types of candidates, we make every effort to offer flexible working patterns and prioritise promotion opportunities for internal candidates. Our benefits include:
- A tailored learning and development plan and access to online material to support your career development
- 25 days annual leave, 4 days for volunteering and a day off for your birthday!
- Competitive Benefits package including pension, healthcare and a range of wellbeing benefits
- Share-Match options so you can become a shareholder
- Regular social events and networking opportunities
- Flexible working environment
- Central office in Blackfriars, close to mainline and Underground stations, an onsite gym and restaurant, and a variety of amenities nearby
We know that sometimes the 'perfect candidate' doesn't exist, and that people can be put off applying for a job if they don't fit all the requirements. If you're excited about working for us and have most of the skills or experience we're looking for, please go ahead and apply. You could be just what we need! We believe strongly in the value of diversity and creating supportive, inclusive environments where our colleagues can succeed. As such, Informa is proud to be an Equal Opportunity Employer. We do not discriminate on the basis of race, colour, ancestry, national origin, religion, or religious creed, mental or physical disability, medical condition, genetic information, sex (including pregnancy, childbirth, and related medical conditions), sexual orientation, gender identity, gender expression, age, marital status, citizenship, or other protected characteristics under local law. This role may also be available on a flexible working or part time basis – please ask the Talent Acquisition team for more information
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
More jobs like this
Remote - Ireland Remote - Ireland Full TimeSenior Senior-levelUSD 42K - 78K * USD 42K+ *
Sr. Director Analyst, Technical Expert - SOC, SIEM, Network Security, Remote Ireland, UK and CanadaNetwork security Privacy SIEM SOC Strategy ZTNA
Career development Conferences Startup environment Team events
Egham - Tamesis Egham - Tamesis Full TimeSenior Senior-levelUSD 42K - 78K * USD 42K+ *
Sr. Director Analyst – Cloud and Network Security, Emerging Technologies and Trends (REMOTE - UK)Application security AWS Azure CCSP CEH CISSP +7
Career development Conferences Startup environment Team events
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open IT Security Analyst jobs
- Open Senior Information Security Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Senior Information Security Engineer jobs
- Open Information Security Officer jobs
- Open Security Operations Engineer jobs
- Open Analyste CERT / Incident Responder junior (H/F) jobs
- Open Ingénieur DevSecops H/F jobs
- Open Staff Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Security Architect jobs
- Open Chief Information Security Officer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Analyste CERT / Incident Responder senior (H/F) jobs
- Open o365 Security Architect jobs
- Open Senior Security Analyst jobs
- Open Principal Security Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Staff Product Security Engineer jobs
- Open Electronic Warfare Advanced Tactical Trainer jobs
- Open Product Security Engineer jobs
- Open Security Researcher jobs
- Open Cyber Security Architect jobs
- Open GCP-related jobs
- Open SOC-related jobs
- Open Risk assessment-related jobs
- Open Network security-related jobs
- Open Governance-related jobs
- Open Pentesting-related jobs
- Open ISO 27001-related jobs
- Open CISM-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open Threat intelligence-related jobs
- Open IAM-related jobs
- Open Malware-related jobs
- Open Java-related jobs
- Open Security Clearance-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open DevOps-related jobs
- Open Kubernetes-related jobs
- Open Security assessment-related jobs
- Open Forensics-related jobs
- Open APIs-related jobs
- Open SQL-related jobs
- Open CI/CD-related jobs
- Open EDR-related jobs