Information Security Analyst Hybrid Nottingham (1 day per week onsite) Full-time, 40 hours per week (Mon Fri, 9am 5pm) Salary: £35,000 - £40,000 depending upon experience Are you a pragmatic, detail driven security professional who enjoys turning standards into practical security controls and helping teams understand and manage risk? If you re confident collaborating across departments, producing clear reports, and strengthening an organisation s security posture through measurable improvements, this role could be a great fit. We re looking for an Information Security Analyst who can balance governance, risk, compliance, and hands-on operational security activities. What you ll be doing In this varied and impactful role, you ll help operate and continuously improve our Information Security Management System (ISMS) while supporting risk management, compliance, and audit readiness across the business. Your work will span policies, controls, assessments, awareness, and metrics. You will: Maintain and update ISMS policies, standards, and procedures Coordinate internal and external audits (including Gambling Commission security audits) from planning to closure. Run the risk management process, keeping registers and treatment plans accurate Support PCI DSS compliance activities and associated evidence collection Manage and track vulnerability scanning and remediation across systems Assist with incident response, triage, evidence collection, and post-incident reviews Work with IT a