CrawlJobs Logo
AltoVita Logo AltoVita · IT - Administration

InfoSec Analyst

United Kingdom, London · Job Posted June 10, 2026
Apply Position
Job Link Share

Job Description

AltoVita is a multi-award winning accommodation platform that enables enterprises to consolidate accommodation programmes through the power of proprietary technology paired with a human centric approach. AltoVita’s unique offering sets us apart in the market, providing a network of 10 million+ verified and vetted properties are all duty of care compliant, backed by a four-tier quality control process; located in over 35,000 cities & 165 countries world-wide. With our award-winning enterprise software and human-centric approach, we deliver smart and sustainable solutions to global talent mobility & business travel managers worldwide. Our Client Development team plays a vital role as trusted advisors and partners to our clients. Embodying our consultative philosophy, this dedicated team proactively shares new market insights, analyzes data, and empowers our clients with the tools and knowledge to make informed decisions, ensuring our clients are always equipped to make the best choices for their corporate housing needs. AltoVita’s technology provides a cloud-based bridge between the highly fragmented property distribution system and multinational Global 2000 companies. A proprietary two-way API integration with a standardised sourcing process reduces the legacy, inefficient 48-to-72-hour bidding process down to a few minutes, saving valuable time and money. Corporate clients love the bespoke user interface seamlessly configured to their mobility policies, and employees enjoy a greater sense of choice and support in their relocation journey.

Job Responsibility

  • Support the day-to-day operation of AltoVita’s information security and privacy activities
  • Supporting the maintenance of security, privacy and compliance documentation
  • Assisting with tracking security and privacy actions, control improvements and remediation activities
  • Helping maintain registers such as risks, issues, actions, policies, vendors, assets, data processing activities and control evidence
  • Coordinating updates between internal teams to ensure agreed actions are progressed
  • Supporting the preparation of security and privacy reports, summaries and updates for internal stakeholders
  • Helping ensure security and privacy activities are documented, repeatable and easy to evidence
  • Escalating risks, issues or delays to the CISO or relevant business owner
  • Assist with internal and external compliance activities, including ISO 27001, SOC 2, GDPR and client assurance requirements
  • Supporting evidence gathering for audits, assessments and control reviews
  • Helping maintain audit trackers, evidence folders and compliance records
  • Coordinating with internal teams to obtain required documentation and control evidence
  • Supporting follow-up actions from audits, assessments or client reviews
  • Assisting with the maintenance of policies, procedures and standards
  • Helping ensure compliance activities are well organised and delivered within agreed timelines
  • Supporting the CISO and relevant control owners with audit preparation and remediation tracking
  • Help maintain clear, practical and accessible security and privacy documentation
  • Supporting the review and update of information security and privacy policies
  • Assisting with the creation of standards, procedures, guidance notes and user-facing materials
  • Helping ensure documents are version controlled, approved and communicated appropriately
  • Maintaining policy review schedules and tracking required updates
  • Drafting practical guidance for employees on security and privacy topics
  • Supporting the communication of policy changes across the business
  • Helping ensure documentation is accurate, consistent and aligned to business processes
  • Support the delivery of security and privacy awareness activities across AltoVita
  • Carry out security and privacy training administration and responsible for ensuring 100% completion rates across the business
  • Supporting the development of awareness content, reminders, newsletters, FAQs and guidance
  • Helping coordinate phishing simulations and follow-up communications
  • Tracking training completion and awareness participation
  • Supporting campaigns that promote secure behaviours and good privacy practices
  • Helping make security and privacy feel practical, accessible and enabling
  • Escalating recurring behavioural or process issues to the CISO or relevant business owner
  • Support AltoVita’s privacy activities under the direction of the relevant privacy, legal or security lead
  • Assisting with the maintenance of privacy records, including data processing registers and related documentation
  • Supporting the tracking of privacy actions, assessments and improvement activities
  • Helping gather information for privacy reviews, data mapping or data protection impact assessments
  • Supporting internal teams with practical privacy guidance, escalating complex matters where needed
  • Assisting with record keeping for data subject requests, incidents or privacy enquiries
  • Helping ensure privacy documentation remains organised, accurate and accessible
  • Support the completion of client security and privacy questionnaires, RFP responses and due diligence requests
  • Assisting with the preparation of responses to client security and privacy questions
  • Maintaining a library of approved answers, evidence and supporting materials
  • Coordinating with internal subject matter experts to obtain accurate information
  • Ensuring responses are consistent with AltoVita’s current controls, policies and practices
  • Helping translate technical or compliance information into clear, client-friendly language
  • Tracking open client assurance requests and supporting timely completion
  • Escalating complex, high-risk or contractual questions to the CISO, Legal or relevant business owner
  • Support supplier security and privacy processes under the direction of the CISO or relevant business owner
  • Assisting with supplier due diligence questionnaires and evidence collection
  • Helping maintain supplier records, risk ratings and review schedules
  • Tracking supplier security or privacy actions
  • Supporting periodic reviews of key suppliers
  • Helping ensure supplier documentation is complete and up to date
  • Escalating potential supplier risks or concerns to the appropriate owner
  • Support security, privacy and operational risk processes by helping with coordination, documentation and follow-up
  • Supporting the logging and tracking of security or privacy incidents
  • Helping gather relevant information during incident reviews
  • Maintaining incident notes, timelines and action trackers
  • Supporting post-incident follow-up and lessons learned activities
  • Assisting with risk register updates and remediation tracking
  • Escalating suspected incidents or risks promptly to the CISO or relevant lead
  • Supporting the documentation of controls, gaps and agreed improvements
  • This role does not lead incident response or make final risk acceptance decisions
  • Assist with security-related IT and access control activities where required
  • Day to day execution of access controls
  • Supporting access review processes by gathering user access information
  • Helping track joiner, mover and leaver control activities
  • Supporting evidence collection for account provisioning, deprovisioning and access approvals
  • Assisting with documentation of access control processes
  • Helping monitor completion of agreed access management actions
  • Oversight and support on internal reviews of security tooling usage, adoption and documentation
  • Escalating access control issues or gaps to IT, system owners or the CISO

Requirements

  • Experience in information security, privacy, compliance, IT, risk, audit, operations or a related field
  • Working knowledge of information security and privacy principles
  • Awareness of GDPR, ISO 27001, SOC 2 or similar frameworks
  • Ability to maintain trackers, registers, documentation and evidence records
  • Strong written and verbal communication skills
  • Ability to write clear guidance, summaries and user-facing content
  • Strong organisational skills and attention to detail
  • Ability to manage multiple tasks and deadlines
  • Confidence working with stakeholders across different business functions
  • Practical problem-solving approach
  • Comfortable using collaboration tools, document repositories and workflow trackers

Nice to have

  • Exposure to ISO 27001, SOC 2, GDPR or other compliance environments
  • Experience supporting audits, assessments or evidence collection
  • Familiarity with security awareness or training activities
  • Experience supporting client security questionnaires or RFP responses
  • Exposure to vendor risk management or supplier due diligence
  • Familiarity with GRC tools or compliance platforms
  • Basic understanding of access management, MFA, endpoint protection and cloud security principles
  • Relevant certification or willingness to work towards one, such as ISO 27001 Foundation
  • CompTIA Security+
  • CIPP/E
  • CIPM
  • ITIL Foundation
  • SOC 2 or audit-related training
AltoVita - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

InfoSec Analyst

8 matching positions

InfoSec Vulnerability Senior Analyst / Analyst

Location
Location
Salary
Salary:
Not provided
ethicshr.com Logo
Ethics HR
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's Degree in Computer Science or Electronics & Communication Engineering or a related filed from a reputable university
  • Minimum 4 years of experience for the Senior Analyst and minimum of 2 years of experience for the Analyst in banking sector and information security field
  • Penetration Test and Vulnerability Management
  • Security controls, security baseline, technology best practices
  • Enterprise design and architecture
  • Has an integration knowledge across different security technologies and systems
  • Security control enforcement, measure of effectiveness and proposing compensating controls
  • CBE Digital channels regulations
Job Responsibility
Job Responsibility
  • Review on a weekly basis brand protect reports to ensure the bank's brand protection and verify the results with Business & Communication Teams in order to communicate with the concerned third party to take the corrective action
  • Validate discovery scan results against all the bank assets list to discover Live IPs that are not in the asset
  • Validate Wireless Scans results on quarterly basis and send detections (if any) to IT to close them and follow-up closure as per Information Security Policy
  • Validate Security Configuration Review on all Network Security Devices and report misconfiguration findings to IT for mitigation and follow-up till mitigation is completed
  • Validate the change management requests as received from the IT from Information Security perspective then take the suitable action
  • Analyze vulnerabilities to network, operating systems, applications, databases, and other information system components
  • Handle Asset Management including identification, verification and maintenance
  • Analyze and approve change requests that impact the organization on a daily basis
  • Follow up with Threat Intelligence for CBE alerts to proactively identify vulnerabilities that may impact the organization
  • Provides analysis of vulnerabilities to other teams to assist with overall vulnerability remediation efforts
Read More
Arrow Right

InfoSec Risk Senior Analyst / Analyst

Location
Location
Salary
Salary:
Not provided
ethicshr.com Logo
Ethics HR
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's Degree in Computer Science or Electronics & Communication Engineering or a related field from a reputable university
  • Minimum 4 years of experience for the Senior Analyst and 2 years of experience for the Analyst in the banking sector and information security field, including the following background: Risk assessment, identification and mitigation
  • Security controls, security baseline, technology best practices
  • Has an integration knowledge across different security technologies and systems
  • Security control enforcement, measure of effectiveness and proposing compensating controls
  • CBE regulations
Job Responsibility
Job Responsibility
  • Review & maintain the Risk profile according to the bank's Cyber Security Risk appetite
  • Identify information security controls necessary to remediate identified risks and follow up remediation with the concerned business lines
  • Assess information security risks for IT assets and propose appropriate measures to eliminate/reduce risk
  • Coordinate with Information Security teams to manage the risk assessment activities
  • Engage InfoSec Teams in all new initiatives and projects to handle InfoSec risk assessment for new projects/technologies with concerned stakeholders
  • Follow up on Audit reports along with audit Findings/Recommendations by Internal Audit/External Audit, CBE and ensure remediation with the related parties
  • Ensure maintaining Global InfoSec Risk Register for all assessed IT assets & follow up on open risks until closure
  • Review the cases performed by the InfoSec Governance & Compliance Teams from risk perspective side
  • Participate in the Change Advisory Board (CAB) meeting
  • Work on standard and ad-hoc threats providing InfoSec risk assessment as needed
Read More
Arrow Right

InfoSec Compliance Senior Analyst / Analyst

Assist in achieving adequate information security control levels across the bank...
Location
Location
Salary
Salary:
Not provided
ethicshr.com Logo
Ethics HR
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's Degree in Computer Science or Electronics & Communication Engineering or a related field from a reputable university
  • Minimum 4 years of technical & functional experience in Information Security field for the Senior Analyst
  • Minimum 2 years of technical & functional experience in Information Security field for the Analyst
  • Analytical, self-motivated, cooperative & proactive
  • Excellent interpersonal, leadership and directing skills
  • Excellent communication & computer skills
  • Strong understanding of banking operations
  • Analytical mind-set with ability to grasp new concepts and diverse aspects of bank and risk operations
  • Fluency in Arabic and English written/spoken
Job Responsibility
Job Responsibility
  • Assist in achieving adequate information security control levels across the bank's information assets
  • Ensure clear understanding to information security controls necessary to remediate identified risks and follow up remediation with the concerned business lines
  • Assist in implementing PCI-DSS controls allowing for annual re-certification by coordinating with IT and the concerned Business lines
  • Follow up on all PCI-DSS activities to be delivered on time & reviewed by InfoSec Compliance Team Leader and validated by InfoSec Compliance Manager/Associate before delivering to the QSA
  • Ensure clear understanding for information security controls necessary to fulfil compliance and regulatory requirements (Swift, CBE, PCI-DSS, etc.) to ensure an acceptable level of security maturity across the bank
  • Follow up on all information security policies and security controls related to different standards are properly implemented before reviewing by InfoSec Compliance Team Leader & validating by InfoSec Compliance Manager/Associate
  • Follow up on the effectiveness of applied security controls and share knowledge with Information Security Governance Team of future suggested enhancements and optimization
  • Coordinate with Information Security Team in raising non-compliance and risk of lack of security controls
  • Follow up on breaches SLA’s and non-compliances & notify InfoSec Compliance Team Leader to be reported to InfoSec Compliance Manager/Associate & Cyber Security Team to consider in the watch list
  • Attends project design work shops and ensure that the security architecture standards are followed and considered
Read More
Arrow Right

Mainframe Developer

The Applications Development Intermediate Programmer Analyst is an intermediate ...
Location
Location
India , Pune
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5-8 years of relevant experience in the Financial Service industry
  • Good technical programming skill sets on mainframe COBOL, JCL, DB2, mainframe optimization and modernization will be the key pre-requisites
  • This role requires close collaboration with solution lead, senior application development analyst, technical InfoSec officer in translating the design into functional code
  • The scope of work includes understanding of the business requirement, application solutioning and design, InfoSec implications, user story ownership, quality and on time application deliveries (development, testing and implementation)
  • Intermediate level experience in Applications Development role
  • Application domain knowledge is required in any of the Banking and Payment applications such as Customer Demographics, Debit Card Processor, Checking and Savings, Loans, Payments, Customer Statements and Advices,…, etc
  • A good working knowledge of EMV Chip technology, 3D Secured and debit card authentication & authorization will definitely be an added advantage
  • The applicant must be willing to adopt and learn the AI tools provided by the organization to challenge status quo and provide value add productivity to the organization
  • Consistently demonstrates clear and concise written and verbal communication
  • Demonstrated problem-solving and decision-making skills
Job Responsibility
Job Responsibility
  • Utilize knowledge of applications development procedures and concepts, and basic knowledge of other technical areas to identify and define necessary system enhancements, including using script tools and analyzing/interpreting code
  • Consult with users, clients, and other technology groups on issues, and recommend programming solutions, install, and support customer exposure systems
  • Apply fundamental knowledge of programming languages for design specifications
  • Analyze applications to identify vulnerabilities and security issues, as well as conduct testing and debugging
  • Serve as advisor or coach to new or lower level analysts
  • Identify problems, analyze information, and make evaluative judgements to recommend and implement solutions
  • Resolve issues by identifying and selecting solutions through the applications of acquired technical experience and guided by precedents
  • Has the ability to operate with a limited level of direct supervision
  • Can exercise independence of judgement and autonomy
  • Acts as SME to senior stakeholders and /or other team members
  • Fulltime
Read More
Arrow Right

Lead Cyber Security Analyst

Lead Cyber Security Analyst | Asset Manager | £140k + Bonus. You will take end-t...
Location
Location
United Kingdom , London
Salary
Salary:
Not provided
weareorbis.com Logo
Orbis Consultants
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience as a Cyber Lead in a small-to-mid sized organisation or Senior/Lead engineer from a cyber security vendor or MSP
  • Azure cloud experience is essential
  • Familiarity with Zero Trust networking concepts (Azure-based)
  • Broad knowledge of modern InfoSec tooling and practices
  • Exposure to AI and its impact on cyber security is a strong plus
Job Responsibility
Job Responsibility
  • Owning and evolving security policies, standards and procedures
  • Managing and challenging third party security vendors and MSPs
  • Leading audit and assurance activities
  • Oversight of DLP, penetration testing, vulnerability management, and incident response
  • Advising the business on emerging risks, including AI-driven security threats
What we offer
What we offer
  • Bonus
  • Fulltime
Read More
Arrow Right

Database Manager

Our partner is bringing their impressive global success story to Hungary, buildi...
Location
Location
Hungary , Budapest
Salary
Salary:
Not provided
https://www.randstad.com Logo
Randstad
Expiration Date
July 31, 2026
Flip Icon
Requirements
Requirements
  • Microsoft Certified: Azure Data Engineer Associate (DP-203)
  • SnowPro Core Certification
  • Proven experience managing and administering database platforms such as Snowflake, SQL Server, or other cloud‑based data warehouses
  • Hands‑on experience designing, building, and maintaining data pipelines using Azure Data Factory or similar integration tools
  • Strong understanding of ETL/ELT methodologies, data modeling, and performance optimisation.
  • Familiarity with API‑based integrations and connectors for business applications (e.g., Pigment, Sage, CRM/ERP systems)
  • Knowledge of cloud architectures, data storage patterns, and modern data engineering practices.
  • Demonstrated ability to troubleshoot complex database, pipeline, and integration issues.
  • Experience improving system performance, reliability, and scalability through proactive monitoring and optimisation.
  • Ability to manage multiple priorities in a fast-paced environment while maintaining high standards of accuracy.
Job Responsibility
Job Responsibility
  • Oversee the administration, configuration, and optimisation of core database environments including Snowflake, SQL Server, and related cloud data services
  • Ensure high availability, performance, and scalability of all database systems
  • Implement and maintain robust backup, recovery, and disaster‑recovery processes
  • Monitor system health, capacity, and performance, proactively addressing issues before they impact operations
  • Maintain documentation for database architecture, configurations, and operational procedures
  • Manage and enhance data pipelines using Azure Data Factory to support reliable data movement across the organisation
  • Develop, maintain, and optimise ETL/ELT processes feeding downstream systems such as Pigment, Sage, and other business applications
  • Ensure data flows are secure, efficient, and aligned with architectural standards
  • Troubleshoot integration issues and implement long‑term fixes to improve pipeline resilience
  • Collaborate with application owners to design new integrations as business needs evolve
What we offer
What we offer
  • Performance-Based Bonus
  • Cafeteria
  • Pension Contribution
  • Life Insurance
  • Hybrid Model (usually 2-3 days in the office)
  • Home Office Support
  • Work from Abroad for up to 20 days per year
  • Private Health Insurance
  • Mental Health Support
  • Inclusive Care (workplace accessibility, specific health considerations)
  • Fulltime
Read More
Arrow Right

Information Security Engineer

The Information Security Engineer is responsible for designing, implementing, an...
Location
Location
Türkiye , Istanbul
Salary
Salary:
Not provided
5CA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 4+ years of experience in information security engineering, cloud security, or infrastructure security roles
  • Hands-on experience implementing security controls in Azure and Microsoft 365 ecosystems
  • Experience with Defender for Endpoint, Defender for Cloud, Defender for Identity, and Sentinel
  • Experience with secure cloud networking, identity governance, and Zero Trust principles
  • Experience supporting complex incident response investigations
  • Familiarity with ITIL processes (incident, change, problem)
  • Understanding of security frameworks (i.e. ISO 27001:2022) and data privacy regulations (i.e. GDPR)
  • Azure security architecture, governance, and configuration
  • Advanced Entra ID identity governance and access control
  • Endpoint and cloud threat detection (Defender suite)
Job Responsibility
Job Responsibility
  • Design, implement, and maintain security controls across Azure, Entra ID, Microsoft 365, network, and endpoint environments
  • Develop and maintain secure configurations, baselines, and policy frameworks using Azure Policy, Intune compliance, and conditional access
  • Integrate and optimize security tools including Microsoft Defender suite, SIEM/SOAR platforms, cloud security posture management, and identity governance systems
  • Support the design and review of cloud architectures, including secure VNet design, firewalls/NSGs, Private Link, and hybrid connectivity
  • Implement key cloud security protections such as encryption, identity governance, privileged access control, and secure automation frameworks
  • Partner with Cloud Engineers to codify security controls using Infrastructure-as-Code (IaC)
  • Implement and manage identity governance: MFA, Conditional Access, PIM, RBAC, role lifecycle automation
  • Review, assess, and refine authentication and access control configurations
  • Conduct periodic privileged access audits and align identity practices with Zero Trust principles
  • Tune and enhance SIEM/Sentinel detections, automation, and response playbooks
What we offer
What we offer
  • Flexibility to work 100% remotely with no wasted commute time and travel costs
  • Position at a fast-paced international company with ambitious gaming, e-commerce, and tech clients
  • Diverse and inclusive culture with people from 80+ countries, speaking 25+ languages
  • Innovative digital tools, and continuous opportunities for learning and development
  • Access to Udemy Business for learning and development
  • Fun employee engagement activities and participation in 5CA employee-lead communities such as 5CA Connect, Pride, 5CA Gamers, Women of 5CA
  • Fulltime
Read More
Arrow Right

Information Security Engineer

The Information Security Engineer is responsible for designing, implementing, an...
Location
Location
South Africa
Salary
Salary:
Not provided
5CA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 4+ years of experience in information security engineering, cloud security, or infrastructure security roles
  • Hands-on experience implementing security controls in Azure and Microsoft 365 ecosystems
  • Experience with Defender for Endpoint, Defender for Cloud, Defender for Identity, and Sentinel
  • Experience with secure cloud networking, identity governance, and Zero Trust principles
  • Experience supporting complex incident response investigations
  • Familiarity with ITIL processes (incident, change, problem)
  • Understanding of security frameworks (i.e. ISO 27001:2022) and data privacy regulations (i.e. GDPR)
  • Azure security architecture, governance, and configuration
  • Advanced Entra ID identity governance and access control
  • Endpoint and cloud threat detection (Defender suite)
Job Responsibility
Job Responsibility
  • Design, implement, and maintain security controls across Azure, Entra ID, Microsoft 365, network, and endpoint environments
  • Develop and maintain secure configurations, baselines, and policy frameworks using Azure Policy, Intune compliance, and conditional access
  • Integrate and optimize security tools including Microsoft Defender suite, SIEM/SOAR platforms, cloud security posture management, and identity governance systems
  • Support the design and review of cloud architectures, including secure VNet design, firewalls/NSGs, Private Link, and hybrid connectivity
  • Implement key cloud security protections such as encryption, identity governance, privileged access control, and secure automation frameworks
  • Partner with Cloud Engineers to codify security controls using Infrastructure-as-Code (IaC)
  • Implement and manage identity governance: MFA, Conditional Access, PIM, RBAC, role lifecycle automation
  • Review, assess, and refine authentication and access control configurations
  • Conduct periodic privileged access audits and align identity practices with Zero Trust principles
  • Tune and enhance SIEM/Sentinel detections, automation, and response playbooks
What we offer
What we offer
  • The flexibility to work 100% remotely with no wasted commute time and travel costs
  • A position at a fast-paced international company with ambitious gaming, e-commerce, and tech clients
  • A diverse and inclusive culture with people from 80+ countries, speaking 25+ languages
  • Innovative digital tools, and continuous opportunities for learning and development
  • Access to Udemy Business for learning and development
  • Fun employee engagement activities and participation in 5CA employee-lead communities
  • Fulltime
Read More
Arrow Right