Senior Threat Intelligence Analyst working with Bupa's cybersecurity team. Focused on threat management and defensive strategies to enhance cyber security posture.
About the role
- Information Security Analyst SME protecting information assets by designing and maintaining security policies. Ensuring compliance with security standards in a tech services company focused on digital transformation.
Responsibilities
- The Information Security Analyst (SME) is responsible for protecting the organization’s information assets by designing, implementing, and maintaining security controls, policies, and best practices. As a Subject Matter Expert, this role provides hands-on technical expertise, risk assessment, and advisory support across the business, ensuring compliance with security standards while enabling secure business operations.
- Compliance Monitoring: Support the implementation and monitoring of security policies to ensure compliance with applicable laws, regulations, and industry standards (e.g. ISO 27001, NIST)
- Participate in internal, external or regulatory audits as required.
- Other work or projects as assigned.
Requirements
- Aligns with our values: Excellence, Integrity, Professionalism, People Success, Customer Success, Fun, Innovation and Diversity
- Strong communication skills
- Strong problem solving and analytical skills
- Excellent problem-solving ability
- Minimum Requirements:
- Bachelor’s degree in Information Security, Computer Science, IT, or a related field (or equivalent experience)
- at least 5 years of experience in information security, cybersecurity, or IT risk roles
- Strong understanding of:
- Information security principles and frameworks
- Risk assessment and vulnerability management
- Identity and access management (IAM)
- Data protection and privacy concepts
- Experience working in a hands-on, SME or fast-growing organization
- Experience communicating policies and compliance requirements with both technical and non-technical audiences at various levels in the organization.
- Good experience in establishing and performing policy, standard and procedure assessment in a cloud-based environment, technologies, and services.
- Good experience defining, revising, and implementing corporate information security policies, standards, processes, guideline, and related regulatory expectations.
- Familiarity with various industry frameworks and requirements including NIST framework, ISO 27001, PCI DSS, SOC 2, etc.
- Passionate in ensuring the confidentiality, integrity, and availability of our critical assets and contributing to our organization's information security initiatives by applying your knowledge and attention to details.
- Able to work and communicate well with different stakeholders.
- Remains composed when decisions have to be made quickly.
- Preferred:
- Relevant certifications (any of the following):
- CISSP, CISM, CISA
- ISO 27001 Lead Implementer / Auditor
- Security+, CEH, or equivalent
- Experience with cloud security (AWS, Azure, or GCP)
- Familiarity with security tools (SIEM, endpoint security, vulnerability scanners)
- Good understanding of regulatory requirements in different markets the organization operates (e.g., MAS, HKMA, FSC, BNM, BSP, BOT).
- Good understanding of security risk and compliance assessment, process, and procedures
- Good to have Cybersecurity Fundamental certifications such as CompTIA Security+, ISC, etc.
- Able to develop and implement new and improved ways of doing work; encourage staff and guide organization and foster a positive security behavior and posture.
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Senior Information Security Analyst at Field Nation leading SOC 2 and ISO 27001 compliance programs. Collaborating with teams to embed security and leverage AI in GRC workflows.
Analista de Ciberseguridad en CRG Solutions responsable de monitorear amenazas y gestionar vulnerabilidades en la organización. Identificación de riesgos y mejora continua de la postura de seguridad.
Compliance & Information Security Analyst at beqom managing GRC and TPRM functions. Overseeing client governance, risk, and compliance requests, and vendor due diligence at a SaaS company.
Security Compliance Analyst responsible for ensuring compliance with security regulations and collaborating on security measures across teams.
Senior Technical Expert in Cyber Defense Center at ZEISS analyzing global cyber threats. Collaborating with SOC, CIRT, and ensuring proactive defense strategies.
Information Security Analyst focusing on vulnerability research and data analysis at Flexera. Involves analyzing, verifying vulnerabilities, and maintaining high - quality content standards.
Oversee the testing lifecycle and provide cyber security solutions at Xcel Energy. Engage in various testing techniques and collaborate with teams to enhance quality practices.
Security Analyst II role at Deepwatch focusing on incident handling and cybersecurity analysis. Working with a team to improve security posture and customer experience in a hybrid environment.
Information Security Analyst II at West Bend handling security projects and collaboration with IT teams. Supporting security incidents and enhancing organizational information security policies.