Security & Privacy Analyst Jobs

Spectrum Life

Location:
United Kingdom

Category:
IT - Administration

Contract Type:
Employment contract

Salary:

Not provided

Save Job

Apply Position

Job Description:

The Security & Privacy Analyst will play a key role in protecting Spectrum.Life’s information assets, ensuring privacy-by-design across products and services, and supporting the organisation in meeting high standards of security, compliance, and data protection. This role combines hands-on security operations, privacy analysis, compliance monitoring, and cross-functional collaboration with engineering, product, operations, and clinical teams.

Job Responsibility:

Monitor, assess, and respond to security alerts, incidents, and vulnerabilities across the technology environment
Support security operations activities including log analysis, threat detection, endpoint security, and access control management
Conduct regular vulnerability assessments and coordinate remediation with relevant teams
Assist in maintaining and improving security tools, controls, and frameworks (e.g., SIEM, IAM, MDM, KnowBe4, encryption standards)
Support third-party security reviews and due diligence assessments
Participate in business continuity and disaster recovery planning and testing
Support GDPR and other applicable privacy frameworks (e.g., ePrivacy, UK GDPR, HIPAA-aligned practices for clinical contexts)
Conduct Data Protection Impact Assessments (DPIAs) and Legitimate Interest Assessments (LIAs)
Assist in maintaining Records of Processing Activities (RoPA)
Review new product features and vendor integrations for compliance with privacy-by-design and security-by-design principles
Monitor adherence to internal data protection policies and assist in facilitating corrective actions
Assist with internal audits, risk assessments, and external certifications (e.g., ISO 27001, DCB0129/0160, Cyber Essentials)
Help develop and maintain security and privacy documentation, standards, and procedures
Track remediation of audit findings and risk treatment plans
Support employee security/privacy training and awareness initiatives
Contribute to policy updates and ensure alignment with regulatory requirements
Support investigations of potential data breaches or security incidents
Assist in managing the incident lifecycle from detection to resolution
Help prepare incident reports, root cause analyses, and corrective action plans
Work with internal teams to implement lessons learned and strengthen preventive controls

Requirements:

Experience in information security, privacy, compliance, or a related field
Strong understanding of GDPR, data protection principles, and privacy best practices
Familiarity with security operations, vulnerability management, and incident response
Experience with security tools (e.g., SIEM, endpoint protection, logging platforms)
Ability to interpret risks and communicate them clearly to technical and non-technical audiences
Strong documentation, analytical, and problem-solving skills
Excellent attention to detail and commitment to quality
Experience in health-tech, clinical platforms, or handling sensitive health data
Certifications such as ISO 27001 Lead Implementer/Auditor, CompTIA Security+, CISSP, CIPP/E, or equivalent
Experience supporting audits or managing compliance frameworks
Familiarity with cloud security and secure development practices

What we offer:

Full time permanent contract
Competitive salary (Dependent on experience)
In-office, remote or hybrid working options
25 days annual leave
24/7 EAP and a wide range of health and wellbeing supports
Extensive list of employee perks and benefits

Additional Information:

Job Posted:
December 12, 2025

Employment Type:

Fulltime

Work Type:

Remote work

View All Jobs In This Company

Job Link Share:

Security & Privacy Analyst