Job Description

255358BR

Information Security Analyst

================================


Nottingham Support Office
Permanent
Full-time

Job Title:

Information Security Analyst

Location:

Nottingham

Contract:

Perm

Recruiter:

Noaman Hussain

About the role

We are looking for an experienced and proactive Information Security Analyst to join our growing IT2A InfoSec team. You will serve as a critical liaison between Information Security and internal business units, ensuring the implementation of security strategies and the management of information security risks across the organisation. Reporting to the Senior Manager, the Security Analyst will join the Project Advisory team.

Key responsibilities

Provide high quality security advice to mitigate identified risks and ensure compliance with internal standards and industry best practices. Guide the implementation and operation of physical, procedural, and technical security controls. Conduct security risk assessments, NFR reviews and business impact analyses for complex systems Identify risks in proposed technical architectures and design alternative solutions or countermeasures. Contribute to the development and continuous improvement of security policies, standards, and guidelines along with internal processes Implement and document new or enhanced security controls and system/process changes. Advise on and support penetration testing and vulnerability assessments across applications, systems, and networks. Conduct in-depth reviews of legacy systems to identify and remediate security gaps. Represent Information Security in project teams, ensuring alignment with security requirements throughout the project lifecycle. Support project delivery by ensuring security acceptance criteria and documentation are completed in accordance with internal processes. Accurately track and report time spent on projects, escalating issues and ensure project utilization (recovery targets) are met.

What you'll need to have

Awareness of Information Security policies, standards, and frameworks Familiarity with project management methodologies (e.g., Agile, Waterfall). Experience in one or more of the following areas: Security Engineering, Threat Response, Security Operations, IT Compliance, IT Governance, Cloud Security, Application Security, or related domains. Strong grasp of core information security principles and best practices. Analytical, problem-solving, and stakeholder management skills. Effective written and verbal communication abilities. Self-motivated with a proactive mindset and a continuous improvement approach. Ability to work independently and collaboratively within cross-functional teams.

It would be great if you also have

These are desirable skills or experience and are not essential, so we would welcome applications from candidates that don't match this additional criteria.Industry-recognized certifications such as CISSP, CISM, CompTIA Security+, CEH, or vendor-specific credentials (e.g., AWS Security, Microsoft SC-200). Experience with security tools and platforms (e.g., SIEM, DLP, vulnerability scanners). Familiarity with regulatory and compliance frameworks (e.g., ISO 27001, NIST, GDPR).

Our benefits

Boots Retirement Savings Plan Discretionary annual bonus Generous employee discounts Enhanced maternity/paternity/adoption leave pay and gift card for anyone expecting or adopting a child Flexible benefits scheme including option to buy additional holiday, discounted gym membership, life assurance, activity passes and much more. Access to free, 24/7 counselling and support through TELUS Health, our Employee Assistance Programme.


We have a great range of benefits in addition to the above that offer flexibility to suit you - find out more at boots.jobs/rewards. Exclusions may apply, eligible roles only. Please note, any salary estimates given on third-party sites are not provided or endorsed by Boots and may not be accurate.

Why Boots

At Boots, we foster a working environment where consideration and inclusivity help everyone to be themselves and reach their full potential. We are proud to be an equal opportunity employer, passionate about embracing the diversity of our colleagues and providing a positive and inclusive working environment for all. As the heart of everything we do at Boots, with you, we change for the better.

What's next

Where a role is advertised as full-time, we are open to discussing part-time and job share options during the application process. If you require additional support as part of the application and interview process, we are happy to provide

reasonable adjustments

to help you to be at your best.



This role requires the successful candidate to complete a

Pre-employment check

after receiving an offer. Depending on your location you will be asked to submit either a DBS (Disclosure & Barring Service), PVG (Protection of Vulnerable groups) or an Access NI Check.



Boots is a Ban the Box employer and will consider the suitability of applicants with criminal convictions on a case-by-case basis.



#LI-Onsite

Business Area

Support Office

Function

Technology

Keywords

Information, Security, Analyst

Hours per week

37.5

Latitude,longitude 1

52.927182,-1.183948

Is this a Global Brands req?

No

Airport

No

Company

Non Stores

Division

Non Stores

Should this vacancy be excluded from being posted onto the Boots.jobs career site?

No

Region

East Midlands

Area

East Midlands (non stores)

Store

Nottingham Support Office

Req Posted Date

11-Jun-2025

County

Nottinghamshire

Country

UK

Address 1

Recruitment Service Centre (D94)

Address 2

Thane Road

Address 3

Nottingham