IT Security Analyst – 6 months contract / 40k-60k (123456) Hong Kong
Salary: HKD40000 - HKD60000 per month
IT Security Analyst – Financial Services / 6 months contract / 40k-60k per month
Key Responsibilities
- The Security Governance and Compliance Manager will serve as the primary point of contact for internal and external IT and security audits, managing all related documentation, evidence, and responses. They will track and ensure timely resolution of audit findings and lead ISO 27001 certification efforts and ongoing compliance activities. The role requires maintaining risk registers, supporting risk assessments, and helping various teams identify and mitigate security risks.
- In addition, the manager will develop and maintain security policies and procedures, promote security awareness through training programs and phishing simulations, and create clear communication materials on security topics.
- On the technical side, the role involves reviewing and managing Azure and Microsoft 365 security settings, assessing controls implemented by external IT providers, conducting regular risk assessments, and maintaining comprehensive security documentation. The manager will also monitor and respond to security incidents as they arise.
- Supporting security operations includes assisting with incident response and investigations, evaluating the threat detection capabilities of the SOC provider, building security automation tools, and staying informed about emerging security threats and vulnerabilities.
Ideal Candidate Profile
- The successful candidate will have a bachelor’s degree in Information Security, Computer Science, or a related field, along with at least 3 years of experience in information security, governance, risk management, and compliance. A strong understanding of security frameworks such as ISO 27001, NIST CSF, and SOC 2 is essential, and professional certifications like CGEIT, CRISC, or CISA are preferred.
- Experience in the insurance sector and familiarity with its regulatory requirements will be advantageous. Proficiency in Microsoft 365 security services—including Defender for Office 365, Intune, and Data Loss Prevention (DLP)—is required, with additional certifications such as Azure Security Engineer Associate or Microsoft 365 Security Administrator Associate considered highly desirable.
Skills and Competencies
- Excellent verbal and written communication skills, with the ability to explain technical concepts clearly to non-technical audiences.
- Proven track record of managing an ISO 27001-certified Information Security Management System (ISMS).
- Experience leading remediation efforts for security audit findings.
- Development and delivery of security awareness programs.
- Familiarity with cloud security compliance frameworks.
- Knowledge of Security Information and Event Management (SIEM) systems, vulnerability scanning, and penetration testing.
- Understanding of Zero Trust security architecture.
Please reach out to German Cham at german.cham@connectedgroup.com for more information.