Information Security Analyst

Job Description

Are you the right candidate for this opportunity Make sure to read the full description below.

An exciting and growing organisation in Ipswich is looking for an Information Security Analyst to join its expanding security function.

This role suits a technically strong IT professional with experience in infrastructure, cloud, networking, or systems administration, who also has exposure to information security principles and operational security practices. You’ll work within the Information Security team, supporting assurance, audits, and technical security validation across the business, working closely with the Information Security Manager.

Key Responsibilities

• Support information security assurance and governance across infrastructure, cloud, network, endpoint, and identity environments
• Perform security control checks, evidence gathering, and risk assessments
• Assist with internal/external audits (including ISO 27001 and customer audits)
• Support security questionnaires, RFPs, and technical due diligence requests
• Review supplier security documentation and identify risks or gaps
• Maintain security documentation, control records, and evidence repositories
• Analyse outputs from security tools (vulnerability scanners, SIEM, patching, access reviews)
• Work with technical teams to validate and improve security controls
• Contribute to security improvements and control design

Experience Required

• Strong technical background (Infrastructure, Systems, Network, Cloud, or Security roles)
• Experience in production environments with exposure to security activities (patching, vulnerability management, baselines, audits)
• Understanding of Windows/Linux, networking, IAM, virtualisation, xwzovoh cloud (Azure/AWS), backups, and monitoring
• Knowledge of security controls (firewalls, EDR, SIEM/logging, encryption, least privilege, vulnerability management)
• Ability to explain technical security concepts clearly to technical and non-technical audiences
• Strong documentation and organisational skills

Desirable

• Exposure to ISO 27001 or similar frameworks
• Experience in regulated or high-assurance environments
• Certifications such as CompTIA Security+, Microsoft, Cisco, or cloud certifications