£55,000 Per year
Fixed-Term
Undetermined
Leeds, England, United Kingdom
Summary: The Data & Information Security Analyst role is an 18-month fixed-term contract based in Leeds or Birmingham, focusing on safeguarding the firm's data and digital assets. The position involves monitoring security incidents, maintaining security accreditations, and enhancing the information security framework in collaboration with internal teams and third-party suppliers. The analyst will play a crucial role in ensuring compliance with security standards and conducting regular assessments.
Key Responsibilities:
- Monitor networks and systems for suspicious activity and security breaches
- Investigate, escalate, and respond to security incidents promptly
- Document incidents, analysis, and remediation actions
- Conduct regular vulnerability assessments
- Perform monthly endpoint application security checks to support accreditation compliance
- Arrange independent penetration testing (physical and black box)
- Support data gathering for Data Subject Access Requests (DSARs)
- Ensure policies, procedures, and controls are regularly reviewed and effective
- Conduct audits in line with ISO 27001 accreditation requirements
Key Skills:
- Strong working knowledge of ISO 27001:2022
- Previous experience within the legal sector
- Relevant professional certifications (e.g. CISSP, CISM, CompTIA Security+)
- Strong understanding of security frameworks and standards (NIST, UK GDPR, Cyber Essentials / Cyber Essentials Plus)
- Experience with security tools such as XDR, EDR, and SIEM
Salary (Rate): £55,000.00 yearly
City: Leeds
Country: United Kingdom
Working Arrangements: undetermined
IR35 Status: fixed-term
Seniority Level: Mid-Level
Industry: IT
Data & Information Security Analyst
18-Month Fixed-Term Contract
Birmingham or Leeds
Our established legal client is seeking an experienced Data & Information Security Analyst to join its Compliance & IT function on an 18-month fixed-term basis. This role plays a critical part in safeguarding the firm’s data and digital assets. Working across IT and Compliance, you will monitor and respond to security incidents, maintain security accreditations (including ISO 27001 and Cyber Essentials), and support continuous improvement of the firm’s information security framework. You will work closely with internal teams and liaise with third-party suppliers to ensure robust, compliant, and effective security controls are in place.
Please apply if you're keen!