Information Security Analyst

Orgvue is seeking an Information Security Analyst to join their Information Security & Data Protection team, responsible for maintaining security posture and certifications, supporting emerging areas such as AI governance and regulatory compliance.

Requirements

• Monitor security events and alerts, investigating and escalating as appropriate
• Support incident response activities, including analysis, documentation, and follow-up actions
• Contribute to the continuous improvement of monitoring and detection capabilities
• Support and help operate the vulnerability management programme across application and infrastructure environments
• Track remediation activities with engineering and infrastructure teams
• Assist with internal risk assessments and supplier/vendor security reviews
• Support the operation and continuous improvement of the Information Security Management System (ISMS)
• Contribute to maintaining compliance with ISO 27001, ISO 27018, SOC 2 Type II, and CSA STAR
• Assist with audit preparation, evidence collection, and internal audit activities
• Produce and maintain security metrics and reporting
• Work with engineering teams to embed security practices into DevOps processes and CI/CD pipelines
• Support secure development practices aligned to OWASP principles
• Assist in remediation of penetration testing findings and security assessments
• Contribute to security reviews of application and infrastructure changes
• Support responses to customer security questionnaires, RFPs, and due diligence requests
• Assist in maintaining customer-facing security documentation and Trust Center content
• Help articulate Orgvue’s security controls and practices to non-technical audiences
• Support data protection activities aligned with GDPR and global privacy requirements
• Contribute to responsible AI practices, including documentation, transparency, and risk considerations
• Assist in identifying and managing risks related to data usage and analytics features
• Support delivery of security awareness and training programmes
• Help promote a strong security culture across the organisation

Benefits

• Wellbeing: Sanctus Coaching, Virtual fitness sessions, Wellbeing webinars, Annual Wellbeing day
• Subsidised Gym Membership
• Private Medical Insurance (including Dental and Vision) and Life Assurance
• 25 days holiday (increasing to 30 days at a rate of 1 extra day per year)
• Employer pension contribution of 5% of your gross salary, if you contribute a minimum of 3%
• Season ticket Loan
• Cycle to Work Scheme
• Annual Discretionary Bonus