Information Security Analyst

The Company
The UK’s largest independent energy supplier is seeking an Information Security Analyst to join their expanding team. First Utility is committed to helping customers reduce their energy bills through the use of innovative technology, by offering cheaper tariffs and campaigning for industry change. This opening comes at an exciting stage and offers a fantastic opportunity for you to be part of a team hungry to make a difference.

The role

The Information Security team is responsible for the ongoing protection of the confidentiality, integrity and availability of data, especially where such data is deemed sensitive. The team is tasked with implementing robust security controls, yet being flexible as to not hinder business operations: the balance between security and operational functionality must be maintained. The team is led by the Head of Information Security, who reports to the Chief Information Officer. There are a further two Information Security Analysts in the team.

The person

The successful candidate will have

  • Detailed knowledge of information security frameworks including ISO 2700x, NIST and CESG advised best practice

  • Understanding of PCI DSS: experience of certification process is beneficial

  • Working knowledge of data protection legislation, specifically the Data Protection Act 1998 and General Data Protection Regulation

  • In-depth knowledge of information security audit techniques, including management and testing of IT controls frameworks

  • Knowledge of IT system and network security principles, and how these are applied in a real, dynamic environment

  • Experience in maintaining ISMS policies and process documents.

  • Understanding of technical IT operating processes and the most appropriate security controls

  • Experience in using third party security services/contractors and appreciation of due diligence processes before work is performed

  • CISA, CISM and/or CISSP certification is beneficial

  • ISO 27001 Lead Auditor beneficial

  • Background in Tier 1 (Big 4) or Tier 2 security/IT audit practices is beneficial.

  • Must be confident to work independently (e.g. performing a complete information security audit end-to-end).

  • Experience of dealing with senior management is beneficial (e.g. presenting audit findings or explaining the purpose of a specific risk control).

To Apply


Featured Posts
Recent Posts
Search By Tags
No tags yet.
Follow Us
  • Facebook Basic Square
  • Twitter Basic Square
  • Google+ Basic Square

Scotland - Office


76 Queens Crescent,


West Lothian, EH54 8EG

Tel:  0800 612 5951


  • YouTube Social  Icon
  • Twitter Social Icon
  • Instagram
  • Facebook
  • LinkedIn Social Icon

England - Office


2nd Floor, Everdene House,

Wessex Fields, Deansleigh Road, Bournemouth, BH7 7DU

Tel: 0800 612 5951

© 2020 Business Derivatives Limited