Cyber Security & Compliance Analyst (London)

Role Purpose

The Cyber Security & Compliance Analyst is responsible for supporting Calastone’s cyber security framework that underpins BAU. This hands-on role will have responsibility for assisting in the provision of cyber security assurance for a leading financial technology business and will work alongside other teams outside of technology to ensure ongoing best practice and compliance.

Key Responsibilities
  • Assist in the delivery of the Calastone cyber security / information security strategy
  • Confirm that all security policies are documented and reviewed within relevant timeframes
  • Conduct ongoing security threat, risk, capability and/or maturity assessments
  • Administer due diligence assurance activities in line with client expectations
  • Conduct research to keep up to date with the latest threats and mitigations
  • Conduct third-party vendor risk assurance for the Calastone supplier network
  • Perform internal audits and assessments of organisational controls
  • Report cyber security metrics to the stakeholder community
Required Knowledge & Experience
  • Experience of auditing organisational control environments, policies and procedures
  • Professional information security audit experience
  • Any cyber/information security or audit certification (e.g. ISO, CISA) (desired)
  • Understanding or knowledge of security methodologies and industry standards (e.g. ISO27001, NIST)
  • Knowledge of security assessment frameworks (e.g. controls assessment, risk assessment)
  • Experience of third-party vendor risk management
Person Specification
  • Passionate about evangelising cyber security best practices
  • Understands key business drivers and can inform and influence key stakeholders
  • Always calm and focused under pressure and able to positively direct colleagues and service partners
  • Takes ownership of problems and leads by example, through to root cause identification
  • Highest levels of professionalism, honesty and integrity
  • Clear and precise in written, oral and diagrammatic forms


This is an ideal role for:

  • Someone wanting to move into the field of information security management from a non-technical or administrative background, or
  • An individual moving from an internal compliance or audit background and wishing to move into the information security auditing or management space, or
  • A graduate wanting to enter into the field of information security / assurance

To apply for this role, please use the following link: