Information Security Analyst

  • Orgvue
  • 26/05/2026
Full time Information Technology Telecommunications

Job Description

Role Overview

We are seeking an Information Security Analyst to join Orgvue's Information Security & Data Protection team. This role is suited to someone with early to mid-level experience who is looking to broaden their exposure across security operations, compliance, and product security in a SaaS environment. You will play an active role in maintaining Orgvue's security posture and certifications (ISO 27001, ISO 27018, SOC 2 Type II, CSA STAR), while supporting emerging areas such as AI governance and regulatory compliance. The role reports to the VP of Information Security & Data Protection, with day-to-day direction and mentorship provided by the Senior Information Security Analyst.

Responsibilities

Security Operations & Risk Management
  • Monitor security events and alerts, investigating and escalating as appropriate
  • Support incident response activities, including analysis, documentation, and follow-up actions
  • Contribute to the continuous improvement of monitoring and detection capabilities
Vulnerability & Risk Management
  • Support and help operate the vulnerability management programme across application and infrastructure environments
  • Track remediation activities with engineering and infrastructure teams
  • Assist with internal risk assessments and supplier/vendor security reviews
Compliance & ISMS
  • Support the operation and continuous improvement of the Information Security Management System (ISMS)
  • Contribute to maintaining compliance with ISO 27001, ISO 27018, SOC 2 Type II, and CSA STAR
  • Assist with audit preparation, evidence collection, and internal audit activities
  • Produce and maintain security metrics and reporting
Product & Engineering Security
  • Work with engineering teams to embed security practices into DevOps processes and CI/CD pipelines
  • Support secure development practices aligned to OWASP principles
  • Assist in remediation of penetration testing findings and security assessments
  • Contribute to security reviews of application and infrastructure changes
Customer Trust & External Engagement
  • Support responses to customer security questionnaires, RFPs, and due diligence requests
  • Assist in maintaining customer-facing security documentation and Trust Center content
  • Help articulate Orgvue's security controls and practices to non-technical audiences
Data Protection & AI Governance
  • Support data protection activities aligned with GDPR and global privacy requirements
  • Contribute to responsible AI practices, including documentation, transparency, and risk considerations
  • Assist in identifying and managing risks related to data usage and analytics features
Security Awareness & Culture
  • Support delivery of security awareness and training programmes
  • Help promote a strong security culture across the organisation
Core Knowledge
  • Good understanding of ISO 27001 / ISO 27002 and practical ISMS implementation
  • Familiarity with SOC 2, CSA STAR, and common control frameworks
  • Good knowledge of cloud security (AWS and/or Azure)
  • Understanding of identity and access management, encryption, logging/monitoring, and least privilege principles
  • Awareness of modern SaaS security risks (e.g. multi-tenancy, data isolation, API security)
Technical & Engineering Alignment
  • Familiarity with secure software development and OWASP Top 10
  • Understanding of DevOps, CI/CD pipelines, and infrastructure-as-code environments
  • Experience working with vulnerability management, scanning tools, or SIEM platforms (e.g. Datadog or equivalent)
Risk, Compliance & Assurance
  • Experience supporting audits or compliance programmes (ISO 27001, SOC 2, etc.)
  • Experience conducting risk assessments and control evaluations
  • Ability to translate technical controls into clear, customer-facing language
Desirable
  • Exposure to AI governance, data ethics, or emerging AI regulatory requirements
  • Experience with Trust Centers or customer assurance functions
  • Cloud certifications (AWS / Azure)
Experience
  • 2-4 years' experience in an information security or related role
  • Experience in a SaaS or cloud-first environment preferred
  • Experience working cross-functionally with engineering and product teams
  • Exposure to customer-facing security or compliance activities is highly valuable
Benefits
  • Hybrid working - 2 days a week in the London office
  • Wellbeing: Sanctus Coaching, Virtual fitness sessions, Wellbeing webinars, Annual Wellbeing day
  • Subsidised Gym Membership
  • Private Medical Insurance (including Dental and Vision) and Life Assurance
  • 25 days holiday (increasing to 30 days at a rate of 1 extra day per year)
  • Employer pension contribution of 5% of your gross salary, if you contribute a minimum of 3%
  • Season ticket Loan
  • Cycle to Work Scheme
  • Annual Discretionary Bonus