Security/Privacy Analyst - AI Infrastructure

Looking for a new opportunity?

Join a premier UK-based cloud and infrastructure provider with over two decades of experience delivering AI-ready environments and secure digital transformation through its elite NVIDIA Cloud Partner capabilities. This security analyst role offers the chance to act as a vital link between technical operations and regulatory compliance, reporting directly to the Director of Information Security. The successful candidate will maintain a robust security posture by managing alerts and vulnerability remediation while playing a key part in achieving high-level ISO 27001 and SOC 2 audit standards.

Take the next step and apply now!

Responsibilities:

• Daily management of alerts and reports across key tools (including cloud-based security consoles and SIEM platforms).
• Monitor system vulnerabilities and coordinate remediation efforts with operations teams.
• CSupport internal and external audits, including SOC 2 and ISO 27001, by collecting evidence and tracking control validation .
• Attend Change Advisory Board (CAB) meetings, conduct technical risk reviews of vendors, and maintain the main information security risk register .
• Create and manage Data Protection Impact Assessments (DPIAs) and maintain the Record of Processing Activities (RoPA) database to ensure GDPR alignment .
• Conduct basic internal penetration testing and support the maintenance of the Information Security Management System (ISMS).

Skills/Must have:

• Must have experience in a linux environment
• Experience: 2 to 3 years of proven experience in a Security, Compliance, or Privacy Analyst role.
• Frameworks: Strong working knowledge of SOC 2 and ISO/IEC 27001 frameworks.
• Regulatory Knowledge: Solid understanding of GDPR and UK data protection regulations.
• Technical Proficiency: Experience managing DPIAs and RoPA documentation, alongside familiarity with security monitoring tools and SIEM platforms.
• Cloud Experience: Practical experience working in cloud environments, specifically Google Cloud Platform.
• Communication: Exceptional organisational skills and the ability to interpret risks in a practical, business-focused way for both technical and non-technical teams .

Desirable Skills:

• Education: BA Hons degree in a relevant field.
• Certifications: ISO 27001 Lead Implementer/Auditor, CISM, CISSP, or equivalent.
• Tools: Exposure to penetration testing methodologies and vulnerability scanning tools.
• Growth: Experience supporting audits within a fast-paced or scaling organisation.

Salary:

• Up To £50,000