Senior Security Analyst - UK - Home-based

Posted 4 days 7 hours ago by worldwide.com

Permanent
Full Time
Other
Not Specified, United Kingdom
Job Description

Senior Security Analyst - UK - Home-based

Senior Security Analyst - UK - Home-based

Apply remote type Remote locations Virtual United Kingdom time type Full time posted on Posted Yesterday job requisition id JR100638

Who we are

We're a global, midsize CRO that pushes boundaries, innovates and invents because the path to a cure for the world's most persistent diseases is not paved by those who play it safe. It is built by those who take pioneering, creative approaches and implement them with quality and excellence.

We are Worldwide Clinical Trials, and we are a global team of over 3,500+ experts, bright thinkers, dreamers and doers and, together, we are changing the way the world experiences CROs - in the best possible way.

Our mission is to work with passion and purpose every day to improve lives and we are looking for others who value this same pursuit.

Why Worldwide

We believe everyone plays an important role in making a world of difference for patients and their caregivers. From our hands-on, accessible leaders, to our cohesive and supportive teams, we are committed to enabling professionals from all backgrounds and experiences to succeed. We prioritize cultivating a diverse and inclusive environment that continues to promote collaboration and creativity. We are proud to be a workplace where people thrive by being themselves and are inspired to do their best work every day. Join us!

What the Information Technology Department does at Worldwide

The IT department is made up of seasoned professionals united in one common goal: to keep Worldwide's technical infrastructure operating at the highest levels for our employees and our customers. We are a global team comprised of numerous professionals including cyber security, artificial intelligence, IT helpdesk, application support, and more.

What you will do
  • Conduct risk assessments to identify and evaluate potential threats, calculating impact and likelihood, and recommending risk mitigation strategies.
  • Handle Requests for Information, Audit Questionnaires, and third-party risk evaluations.
  • Collaborate with stakeholders across Clinical Operations, IT, Legal, and others to draft, refine, and implement security policies aligned with industry standards (e.g., ISO, NIST, CIS CSC) and regulatory requirements (e.g., GDPR, HIPAA).
  • Prepare and deliver reports on the organization's risk profile, compliance status, and progress toward risk mitigation objectives.
  • Identify opportunities to improve GRC processes and implement practical enhancements to streamline workflows.
What you will bring to the role
  • Strong analytical and problem-solving skills with the ability to assess risks and develop actionable recommendations.
  • Knowledge of cybersecurity principles, governance frameworks, and risk management practices.
  • In-depth knowledge of healthcare/clinical research compliance frameworks and their intersection with cybersecurity governance.
  • Ability to communicate effectively with technical and non-technical stakeholders, including preparing clear and concise reports.
  • Experience in GRC within a clinical research organization (CRO) or similar regulated environment is highly desirable.
  • Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Auditor (CISA) or similar certification is beneficial. Aspiration or movement towards obtaining the CISSP certification is a plus.
Your experience
  • Bachelor's Degree or 4-year equivalent degree in IT, Cybersecurity, or a related field.
  • Minimum of 5 years of experience in cybersecurity governance, risk assessment, or compliance, preferably in a corporate setting.
  • Understanding of key industry standards, frameworks, and regulations pertinent to cybersecurity governance such as ISO 27001/27002 and CIS CSC.
  • Strong written and verbal communication skills, able to articulate complex issues in a clear and concise manner.
  • Experience with third-party risk management, identifying risk in identity and access management, and compliance monitoring.

We love knowing that someone is going to have a better life because of the work we do.