Information Security Analyst – Information Security

Information Security Analyst

Position Overview:

Were looking for an Information Security Analyst to join our high-assurance EMEA Managed Services Operations (MSO) team at Entrust Security UK Ltd based near Newbury Berkshire.

Reporting to the Information Security Manager youll support all aspects of security risk compliance and awareness while also acting as Deputy Security Officer for PKI and Certificate Authority operations. This is a hands-on role in a highly trusted environment where security underpins every business activity.

This hybrid position requires regular on-site presence (34 days per week) so candidates must be commutable to Newbury and have access to transport.

Ideal for someone eager to grow across all domains of Information Security this role offers exposure to critical infrastructure compliance frameworks and high-trust operations.

How You Will Make an Impact:

• Operational implementation and maintenance of the Information Security Management System (ISMS) ensuring that controls processes and standards are complied with maintained current and effective

• Reporting of any weaknesses vulnerabilities non-conformities or behaviours that undermine the high assurance levels expected of and by Entrust

• Proactively identifying InfoSec improvements efficiencies savings and benefits

• Acting as Deputy Security Officer for the Trust Service Centres (TSC) supporting the Company Security Officer ensuring that corporate policy and local standards and procedures are upheld and maintained to protect Trust Services

• Ensuring conformity to external standards such as ISO27001:2022 tScheme Cyber Essentials Plus and WebTrust

• Daily interaction with the MSO providing subject matter expertise support guidance and advice

• Supporting security enforcing events such as Key Signing Ceremonies (KSC) Hardware Security Module (HSM) operations CA builds and off-site Trust Services. Activities include:

• Preparation and administration of all artefacts and components required for such activities (documentation tokens auditable items tamper evident containers)

• Management collection and transfer of all security artefacts and components

• HSM management

• Preparation of security enforcing and audit events

• Audits of security artefacts (on-site & off-site)

• Analysis of customer-specific security compliance requirements and advising the relevant business owner regarding delivery of such controls

• Supporting risk assessments in accordance with the Corporate risk policy and customer requirements

• Supporting all internal and 3rd party audits both in preparation and attendance

• Supporting the management and maintenance of all local security and relevant standards procedures and process ensuring ongoing compliance with requirements

• Developing and delivering local security awareness campaigns training and briefings

• Managing secure destruction and disposal of information assets (paper and media) decommissioning of CA/PKI and related components in accordance with PKI policy and data retention policy and standards

• Coordinating maintenance of technical security and environmental controls such as Alarms CCTV Cooling systems Standby Generator and Access Control Systems

• Supporting Business Continuity and Disaster Recovery (BCDR) plans tests and maintenance

Essential Competencies:

• ISO27001 Lead Implementer or Lead Auditor certification

• Minimum 3 years experience in Information Security including hands-on involvement in managing security programmes

• Ability to meet Entrusts pre-employment screening requirements

Desirable Competencies:

• Professional security qualifications (e.g. CISM or equivalent)

• Strong written and verbal communication skills with the ability to explain technical concepts clearly

• Self-motivated process-driven and detail-oriented

• Critical thinker with a commitment to delivering high-quality outcomes

• Industry certifications such as CRISC NCSP CPSA CEH

• Familiarity with security frameworks and standards (ISO27001 Cyber Essentials NIST 800-83 JSP 440)

• Experience with SIEM and/or vulnerability scanning tools (e.g. Splunk Rapid7 Nexpose etc)

• Understanding of PKI management practices and trust standards (tScheme eIDAS ETSI)

• Experience of Threat and Vulnerability Management

• Risk assessment and/or Management experience

Required Attributes:

• Current SC Clearance or eligibility to obtain it

• Willingness to work flexibly including outside core hours when required

• High personal integrity resilience and a proactive can-do attitude

The EMEA MSO (Managed Services Operations) is a dynamic business unit within Entrust providing high-assurance services to mission-critical sectors. We pride ourselves on a culture of flexibility dedication and a proactive mindset. Our team members are expected to bring a can-do attitude and a willingness to contribute beyond their core responsibilities when needed.

#LI-NR1

For US roles or where applicable:

Entrust is an EEO/AA/Disabled/Veterans Employer

For Canadian roles or where applicable:

Entrust values diversity and inclusion and we are committed to building a diverse workforce with wide perspectives and innovative ideas. We welcome applications from qualified individuals of all backgrounds and we strive to provide an accessible experience for candidates of all abilities.

If you require an accommodation contact .

Recruiter: