Information Security Analyst NEW

Manchester, Lancashire
Canopius

The Information Security Analyst is responsible for supporting the effective operation of information security controls, services, and processes across the organisation. Reporting to the Information Security Manager, the role provides hands on security analysis, monitoring, assurance, and risk support across on premise and cloud environments.

The role works closely with Technology teams, third party providers, and business stakeholders to help protect the organisation’s information assets, reduce cyber risk, and maintain compliance with security policies, standards, and regulatory requirements.

Responsibilities Security Operations & Monitoring

• Support the day to day operation of information security controls and services.
• Monitor security tooling, alerts, and dashboards, including SOC and SIEM outputs.
• Investigate and respond to security events and incidents in line with agreed procedures.
• Escalate security incidents and risks to the Information Security Manager as appropriate.

Security Assurance & Risk Support

• Perform assurance activities to assess the effectiveness of security controls.
• Support gap analysis, compliance readiness, and ongoing compliance monitoring.
• Assist with the identification, assessment, and documentation of security risks.
• Track remediation actions and follow up with control owners.

Incident Response & Problem Support

• Support security incident response activities, including investigation and evidence gathering.
• Assist with root cause analysis and documentation of lessons learned.

Contribute to improvements in controls, processes, and preventative measures.

Policy, Standards & Governance

• Support the maintenance and operation of information security policies, standards, and procedures.
• Provide guidance to Technology and business teams on security requirements and best practice.
• Ensure security activities are documented and auditable.

Third Party & Audit Support

• Support third party security due diligence, reviews, and assurance activities.
• Assist with responses to internal and external audits, assessments, and regulatory requests.
• Gather and provide evidence to demonstrate effective operation of security controls.

Security Awareness & Culture

• Support the delivery of security awareness and training activities.
• Promote a positive security and compliance culture across the organisation.
• Contribute to communications and materials that improve security understanding and behaviour.
• Produce security reports and metrics for both technical and non technical audiences.
• Assist with analysis of trends, threats, and emerging risks.
• Contribute ideas and improvements to enhance security processes and controls.

Skills and Experience

• Experience in an information security, IT risk, or IT operations role.
• Understanding of common cybersecurity risks, threats, and control types.
• Familiarity with incident management, risk assessment, and assurance activities.
• Ability to analyse information, identify issues, and document findings clearly.
• Strong written and verbal communication skills.
• Ability to manage multiple tasks and priorities with attention to detail.
• Experience working in regulated or enterprise environments.
• Exposure to cloud security concepts (e.g. Azure security services).
• Experience with security tooling such as SIEM, endpoint protection, or vulnerability management tools.
• Relevant education or certifications (or working towards) in information security.

Benefits

• Hybrid working model.
• Competitive base salary.
• Non contributory pension.
• Discretionary bonus.
• Health and dental insurance.
• Comprehensive wellbeing package.

We are fully committed to equal employment opportunities for all applicants and providing employees with a work environment free of discrimination and harassment. All employment decisions are made regardless of age, sex, gender identity, ethnicity, disability, sexual orientation, socio-economic background, religion or beliefs, marital or caring status, or any other status protected by the laws or regulations in the locations where we operate. We encourage and welcome applicants from all diverse backgrounds.

We make reasonable adjustments throughout the recruitment process and during employment. Please let us know if you require any information in an alternate format or any other reasonable adjustments.