CrawlJobs Logo

Security & Privacy Analyst

spectrum.life Logo

Spectrum Life

Location Icon

Location:
United Kingdom

Category Icon
Category:
IT - Administration

Job Type Icon

Contract Type:
Employment contract

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

The Security & Privacy Analyst will play a key role in protecting Spectrum.Life’s information assets, ensuring privacy-by-design across products and services, and supporting the organisation in meeting high standards of security, compliance, and data protection. This role combines hands-on security operations, privacy analysis, compliance monitoring, and cross-functional collaboration with engineering, product, operations, and clinical teams.

Job Responsibility:

  • Monitor, assess, and respond to security alerts, incidents, and vulnerabilities across the technology environment
  • Support security operations activities including log analysis, threat detection, endpoint security, and access control management
  • Conduct regular vulnerability assessments and coordinate remediation with relevant teams
  • Assist in maintaining and improving security tools, controls, and frameworks (e.g., SIEM, IAM, MDM, KnowBe4, encryption standards)
  • Support third-party security reviews and due diligence assessments
  • Participate in business continuity and disaster recovery planning and testing
  • Support GDPR and other applicable privacy frameworks (e.g., ePrivacy, UK GDPR, HIPAA-aligned practices for clinical contexts)
  • Conduct Data Protection Impact Assessments (DPIAs) and Legitimate Interest Assessments (LIAs)
  • Assist in maintaining Records of Processing Activities (RoPA)
  • Review new product features and vendor integrations for compliance with privacy-by-design and security-by-design principles
  • Monitor adherence to internal data protection policies and assist in facilitating corrective actions
  • Assist with internal audits, risk assessments, and external certifications (e.g., ISO 27001, DCB0129/0160, Cyber Essentials)
  • Help develop and maintain security and privacy documentation, standards, and procedures
  • Track remediation of audit findings and risk treatment plans
  • Support employee security/privacy training and awareness initiatives
  • Contribute to policy updates and ensure alignment with regulatory requirements
  • Support investigations of potential data breaches or security incidents
  • Assist in managing the incident lifecycle from detection to resolution
  • Help prepare incident reports, root cause analyses, and corrective action plans
  • Work with internal teams to implement lessons learned and strengthen preventive controls

Requirements:

  • Experience in information security, privacy, compliance, or a related field
  • Strong understanding of GDPR, data protection principles, and privacy best practices
  • Familiarity with security operations, vulnerability management, and incident response
  • Experience with security tools (e.g., SIEM, endpoint protection, logging platforms)
  • Ability to interpret risks and communicate them clearly to technical and non-technical audiences
  • Strong documentation, analytical, and problem-solving skills
  • Excellent attention to detail and commitment to quality
  • Experience in health-tech, clinical platforms, or handling sensitive health data
  • Certifications such as ISO 27001 Lead Implementer/Auditor, CompTIA Security+, CISSP, CIPP/E, or equivalent
  • Experience supporting audits or managing compliance frameworks
  • Familiarity with cloud security and secure development practices
What we offer:
  • Full time permanent contract
  • Competitive salary (Dependent on experience)
  • In-office, remote or hybrid working options
  • 25 days annual leave
  • 24/7 EAP and a wide range of health and wellbeing supports
  • Extensive list of employee perks and benefits

Additional Information:

Job Posted:
December 12, 2025

Employment Type:
Fulltime
Work Type:
Remote work
Icon
Spectrum Life - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Security & Privacy Analyst

Privacy & AI Analyst

As Privacy & AI Analyst at Perk, you’ll help shape the future of privacy and AI ...
Location
Location
Spain , Barcelona
Salary
Salary:
Not provided
yokoy.io Logo
Yokoy
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Passion for Privacy & AI in the evolving tech space
  • 2-5 years of experience in privacy, data protection, AI governance, compliance, information security, or a related field, ideally in a technology or SaaS environment
  • Practical knowledge of key Privacy & AI regulations and frameworks
  • Proven track record owning privacy operations end‑to‑end with no to minimal supervision
  • Ability to grasp complex technical concepts
  • Excellent problem‑solving and sound risk judgment
  • Clear, concise communication tailored to technical and non‑technical audiences
  • Self‑starter, able to prioritize impact over effort
Job Responsibility
Job Responsibility
  • Help build and evolve Perk's privacy and AI governance programs
  • Identify and assess privacy and AI risks
  • Manage our privacy and AI tooling stack
  • Keep policies and guidelines updated
  • Handle day-to-day privacy inquiries
  • Run core accountability activities
  • Partner with the Privacy Counsel & DPO to turn regulatory updates into practical guidance
  • Track and report key program performance metrics
  • Keep our privacy and AI governance programs aligned to GDPR, the EU AI Act, and other applicable laws
  • Support ISO 27701/27001/42001/23894 internal and external audits
What we offer
What we offer
  • Competitive compensation and equity ownership
  • Generous allocation of vacation days plus public holidays
  • Choice of private healthcare or a gym allowance
  • Life Insurance
  • Perk events
  • Access to 12x therapy and 12x coaching sessions
  • Flexible compensation plan
  • 17 weeks’ paid parental leave
  • 16 paid hours per year for volunteering
  • Up to 20 "Work from Anywhere" days per year
  • Fulltime
Read More
Arrow Right

Privacy & AI Analyst

As Privacy & AI Analyst at Perk, you’ll help shape the future of privacy and AI ...
Location
Location
United Kingdom , London
Salary
Salary:
Not provided
yokoy.io Logo
Yokoy
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Passion for Privacy & AI in the evolving tech space
  • 2-5 years of experience in privacy, data protection, AI governance, compliance, information security, or a related field, ideally in a technology or SaaS environment
  • Practical knowledge of key Privacy & AI regulations and frameworks
  • Proven track record owning privacy operations end‑to‑end with no to minimal supervision
  • Ability to grasp complex technical concepts
  • Excellent problem‑solving and sound risk judgment
  • Clear, concise communication tailored to technical and non‑technical audiences
  • strong drafting skills for policies, guidance, and training
  • Self‑starter, able to prioritize impact over effort
Job Responsibility
Job Responsibility
  • Help build and evolve Perk's privacy and AI governance programs
  • Identify and assess privacy and AI risks
  • Manage privacy and AI tooling stack
  • Keep policies and guidelines updated
  • Handle day-to-day privacy inquiries including DSR intake, responses, tracking, and escalation
  • Run core accountability activities like ROPAs, AI inventory, DPIAs/FRIAs, LIAs, TIAs, consent tracking, marketing opt-outs, and third-party due diligence
  • Partner with the Privacy Counsel & DPO to turn regulatory updates into practical, scalable guidance
  • Track and report key program performance metrics, trends, and risks
  • Keep privacy and AI governance programs aligned to GDPR, the EU AI Act, and other applicable laws
  • Support ISO 27701/27001/42001/23894 internal and external audits, evidence collection, and ongoing maintenance
What we offer
What we offer
  • 25 days of annual leave plus bank holidays
  • Competitive compensation and equity ownership
  • Private medical cover and voluntary dental insurance from Bupa
  • Discounted gym memberships with GymFlex
  • Company pension plan with Aviva
  • Life Insurance
  • Income protection
  • Tax-efficient cycle and electric car schemes with Cycle2Work & Octopus
  • Unforgettable Perk events
  • Access to 12x therapy and 12x coaching sessions via Spring Health
  • Fulltime
Read More
Arrow Right

Risk & Information Security Associate Analyst

We are looking for a highly organized, detail-oriented Risk & Information Securi...
Location
Location
Cyprus , Nicosia
Salary
Salary:
Not provided
www-ap.albourne.com Logo
Albourne
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 2–3 years of professional experience
  • Excellent organizational skills with the ability to manage multiple workstreams and meet deadlines in a dynamic environment
  • Strong written and verbal communication skills, including the ability to prepare concise, well-structured documents and interact professionally across all levels of the business
  • Meticulous attention to detail, particularly in preparing audit materials, compliance documentation, and reviewing access controls
  • Proactive and self-motivated, able to work independently and across time zones without direct daily supervision
  • Comfortable handling sensitive and confidential information with discretion
  • Interest in technology, cybersecurity, and enterprise risk
  • Basic understanding of information security principles and frameworks (e.g., ISO 27001, NIST)
  • Ability to interpret and work with structured information (e.g., policies, risk registers, audit plans)
  • Capable of coordinating inputs from multiple stakeholders and compiling them into coherent outputs (e.g., committee papers, training summaries, client DDQs)
Job Responsibility
Job Responsibility
  • Monitor and report on the effectiveness of information security controls
  • Support the identification, tracking, and resolution of security incidents or weaknesses
  • Assist in maintaining security metrics and dashboards for internal reporting
  • Contribute to the assessment of operational, technology, and third-party risks
  • Assist in evaluating controls and proposing mitigation strategies aligned with risk appetite
  • Participate in internal audits and control testing, ensuring timely remediation of findings
  • Help maintain and enforce security and risk management policies and procedures
  • Support compliance with relevant data protection, privacy, and information security regulations
  • Coordinate periodic user access reviews and assist with awareness initiatives
  • Work across departments to gather risk-related information and support secure business operations
What we offer
What we offer
  • Support for professional qualifications (such as CFA and CAIA)
  • Career growth and tools for ongoing learning and development
  • Medical insurance for you and your dependents
  • Provident fund
  • Yearly bonus dependent upon performance and company growth
  • Opportunity for international travel (i.e., short periods of secondment to other Albourne offices)
  • 5 additional service recognition holidays in surplus to standard annual leave
  • Albourne Training Days (minimum of 40 hours per year)
  • Free office parking
  • A supportive, diverse, and multi-cultural work environment
  • Fulltime
Read More
Arrow Right

Senior Third-Party Security Risk Analyst

As a Senior Third-Party Security Risk Specialist at Ledger, you will play a vita...
Location
Location
France , Paris
Salary
Salary:
Not provided
https://www.ledger.com Logo
Ledger
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Master degree in Information Security, Cybersecurity, or a related field
  • 5+ years of progressive experience in third-party risk management, with a strong background in audit, risk management, compliance, or a related control function within a complex organization
  • Proven project management skills with the ability to manage complex, cross-functional projects and maintain comprehensive documentation
  • In-depth knowledge of security frameworks and standards (e.g., ISO 27001, NIST Cybersecurity Framework) and experience in applying them to third-party risk management and regulatory requirements
  • Excellent analytical and problem-solving skills with a focus on identifying root causes and developing effective solutions
  • Strong communication and interpersonal skills, including the ability to influence and negotiate with vendors and stakeholders at all levels
Job Responsibility
Job Responsibility
  • Conduct comprehensive security assessments of third-party vendors, including reviewing their security policies, procedures, and controls
  • Proactively identify and evaluate potential security/privacy risks associated with a particular focus on those that could impact Ledger's reputation, financial stability, and customer trust
  • Develop and implement risk mitigation strategies to address identified vulnerabilities
  • Lead the collaboration with vendors to remediate security gaps and ensure compliance with Ledger's stringent security requirements
  • Establish and maintain a robust vendor security monitoring program, driving continuous improvement in vendor security posture and compliance
  • Develop, implement, and continuously improve Ledger's third-party security risk management program, including policies, standards, procedures, and tools
  • Prepare reports and presentations on vendor security risks and mitigation efforts to senior management, stakeholders, and the Comex
  • Participate in audits as part of the Privacy audit program according to the agreed annual audit plan
What we offer
What we offer
  • Equity: Employees are the foundation of our success, and we award stock options so you can share in that success as we grow
  • Flexibility: A hybrid work policy
  • Social: Annual company outing for Ledgerdary Days, plus frequent social events, snacks and drinks
  • Medical: Comprehensive health insurance policy offering extensive medical, dental and vision care coverage
  • Well-being: Personal development, coaching & fitness with our dedicated partners
  • Vacation: Five weeks of paid leave per year, in addition to national holidays and rest & relaxation (RTT) days
  • High tech: Access to high performance office equipment and gadgets
  • Transport: Ledger reimburses part of your preferred means of transportation
  • Discounts: Employee discount on all our products
  • Fulltime
Read More
Arrow Right

Senior Third-Party Security Risk Analyst

As a Senior Third-Party Security Risk Specialist at Ledger, you will contribute ...
Location
Location
France , Paris
Salary
Salary:
Not provided
https://www.ledger.com Logo
Ledger
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Master degree in Information Security, Cybersecurity, or a related field
  • 5+ years of progressive experience in third-party risk management, with a strong background in audit, risk management, compliance, or a related control function within a complex organization
  • Proven project management skills with the ability to manage complex, cross-functional projects and maintain comprehensive documentation
  • In-depth knowledge of security frameworks and standards (e.g., ISO 27001, NIST Cybersecurity Framework) and experience in applying them to third-party risk management and regulatory requirements
  • Excellent analytical and problem-solving skills with a focus on identifying root causes and developing effective solutions
  • Strong communication and interpersonal skills, including the ability to influence and negotiate with vendors and stakeholders at all levels.
Job Responsibility
Job Responsibility
  • Conduct comprehensive security assessments of third-party vendors, including reviewing their security policies, procedures, and controls
  • Proactively identify and evaluate potential security/privacy risks associated with a particular focus on those that could impact Ledger's reputation, financial stability, and customer trust
  • Develop and implement risk mitigation strategies to address identified vulnerabilities
  • Lead the collaboration with vendors to remediate security gaps and ensure compliance with Ledger's stringent security requirements
  • Establish and maintain a robust vendor security monitoring program, driving continuous improvement in vendor security posture and compliance
  • Develop, implement, and continuously improve Ledger's third-party security risk management program, including policies, standards, procedures, and tools
  • Prepare reports and presentations on vendor security risks and mitigation efforts to senior management, stakeholders, and the Comex
  • Participate in audits as part of the Privacy audit program according to the agreed annual audit plan.
What we offer
What we offer
  • Equity: Employees are the foundation of our success, and we award stock options so you can share in that success as we grow
  • Flexibility: A hybrid work policy
  • Social: Annual company outing for Ledgerdary Days, plus frequent social events, snacks and drinks
  • Medical: Comprehensive health insurance policy offering extensive medical, dental and vision care coverage
  • Well-being: Personal development, coaching & fitness with our dedicated partners
  • Vacation: Five weeks of paid leave per year, in addition to national holidays and rest & relaxation (RTT) days
  • High tech: Access to high performance office equipment and gadgets
  • Transport: Ledger reimburses part of your preferred means of transportation
  • Discounts: Employee discount on all our products.
  • Fulltime
Read More
Arrow Right

Security Governance Risk & Compliance (GRC) Analyst

Here at Virtru you’ll help build a cutting edge security compliance program alig...
Location
Location
United States , Washington, DC
Salary
Salary:
130000.00 - 180000.00 USD / Year
virtru.com Logo
Virtru
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum of 5+ years of information security, IT audit and/or IT Risk Management, or GRC Analyst/Engineer experience
  • Deep understanding of at least few of the following: CMMC, NIST 800-53 & 800-171, FedRAMP, SOC 2, PCI, and/or other global privacy compliance frameworks
  • Technical acumen. Strong understanding of modern cloud technologies (AWS, GCP, Azure, etc.) and familiarity with GRC tools (Hyperproof, Vanta, Drata, etc) and SIEM tools (Datadog, Splunk)
  • You’re a relationship builder and have worked with both business and technical risk and understand how to translate risk to various levels of the organization
  • Have experience training and coaching teams to become better security and privacy practitioners
  • Like working on an autonomous agile team
  • Ability to resolve conflicts and drive issues to completion
  • Work independently with little or no supervision while maintaining a high level of efficiency
  • Hands on experience deploying and managing vulnerability scanning/cloud security posture management tools (Wiz, Prismacloud, etc.) to meet security compliance requirements
  • Real-world IR experience participating on security On-Call teams
Job Responsibility
Job Responsibility
  • Manage and implement complex controls frameworks for large systems, consisting of Cloud infrastructure and Software as a Service (SaaS) services (GCP, AWS, GitHub, Okta, etc)
  • Design and develop automation solutions for evidence collection across Cloud infrastructure, endpoints, and SaaS services
  • Conduct risk assessments across business units and processes. Identify risk findings and recommend remediation and risk mitigation strategies
  • Assist or implement automated controls to support risk mitigation efforts across various business units with stakeholders
  • Incorporate CMMC certification into Virtru’s slate of compliance assessments and ongoing monitoring activities (FedRAMP, SOC 2, PCI)
  • Facilitate the third-party vendor on-boarding and annual review process by evaluating the security of current and prospective partners
  • Participate in incident response (IR) activities, providing risk analysis and remediation support as needed
  • Enhance the team with your individualism, spirit, and love of learning
What we offer
What we offer
  • A Flexible PTO policy
  • A $1,500 annual Learning & Development Stipend
  • Frequent company-sponsored team celebrations
  • Access to an Employee Assistance Program
  • Access to Headspace, a mental health app
  • A flat 3% contribution to your retirement account
  • A high degree of flexibility
  • Competitive compensation
  • Generous parental, medical, and bereavement policies
  • 401K contribution and stock options
  • Fulltime
Read More
Arrow Right

Senior Trust Analyst

The Trust Engagement team is a globally distributed group of risk professionals ...
Location
Location
Poland , Gdańsk
Salary
Salary:
Not provided
https://www.atlassian.com Logo
Atlassian
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 7+ years experience working with customers across Security, Governance, Risk and Compliance domain areas
  • Expertise to guide discussions about security and risk trade-offs
  • Customer facing or consulting engagement experience
  • Success with customer, executive, or board member briefings on strategy
  • Knowledge of security, compliance and privacy frameworks & standards (e.g., GDPR, HIPAA, SOC2, ISO27001, NIST 800-53, PCI-DSS, C5)
  • Experience working with Regulatory Compliance, Global Privacy Programs, Cloud Security or related functions
  • Familiarity with large-scale enterprise SaaS platforms and challenges across security, privacy and compliance related to customer trust
  • Understanding of cybersecurity principles and their application in a SaaS context
  • Understanding infrastructure and delivery models of SaaS products
  • Proficient knowledge of cloud platforms (e.g., AWS, Azure, Google Cloud) and their services
Job Responsibility
Job Responsibility
  • Represent Atlassian with our Strategic & Enterprise customers to remove trust as a blocker for customer acquisition, customer migration, and long term customer retention
  • Be accountable for engaging in a variety of Atlassian customer facing initiatives. Your primary focus will involve helping our customers gain an understanding of Atlassian’s commitment to Trust by articulating our Security practices, Compliance posture, and Privacy measures
  • Manage complex customer security reviews & audits
  • Support legal in negotiating security and compliance terms & exhibits for Atlassian Customer Agreements
  • Represent the Voice of the Customer by identifying deal blockers and friction points to influence Security, Product & Engineering strategy in meeting customer expectations
  • Drive customer facing Trust collateral by publishing publicly facing materials, presentations, white papers
  • Provide security, compliance, and privacy education and training to internal partner teams in Sales, Product Marketing, Legal, etc.
  • Mentor team through technical leadership and knowledge sharing.
What we offer
What we offer
  • Health and wellbeing resources
  • Paid volunteer days
  • Various perks described at go.atlassian.com/perksandbenefits.
  • Fulltime
Read More
Arrow Right

Senior Trust Analyst

The Trust Engagement team is a globally distributed group of Security and Risk p...
Location
Location
Poland , Gdańsk
Salary
Salary:
Not provided
https://www.atlassian.com Logo
Atlassian
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 7+ years experience working with customers across Security, Governance, Risk and Compliance domain areas
  • Expertise to lead discussions with decision makers about security and risk trade-offs
  • Direct customer-facing or consulting engagement experience
  • Success with customer, executive, or board member briefings on strategy, including impactful and effective presentations
  • Knowledge of security, compliance, and privacy frameworks & standards (e.g., GDPR, HIPAA, SOC2, ISO27001, NIST 800-53, PCI-DSS, C5, DORA, NIS2)
  • Experience working with Regulatory Compliance, Global Privacy Programs, Cloud Security or related functions
  • Familiarity with large-scale enterprise SaaS platforms and challenges across security, privacy and compliance related to customer trust
  • Experience with cybersecurity principles and controls, including their application in a SaaS context
  • Understanding infrastructure and delivery models of SaaS products
  • Proficient knowledge of cloud platforms (e.g., AWS, Azure, Google Cloud) and their services
Job Responsibility
Job Responsibility
  • Represent Atlassian with our Strategic & Enterprise customers to manage trust-related questions and concerns for customer acquisition, customer migration, and long term customer retention
  • Be accountable for engaging in a variety of Atlassian customer facing initiatives. Your primary focus will involve helping our customers gain an understanding of Atlassian’s commitment to Trust by articulating our Security practices, Compliance posture, Privacy measures, Resilience efforts and Anti-Abuse program
  • Manage complex customer security reviews & audits
  • Support Atlassian’s legal teams in negotiating security and compliance terms & exhibits for Atlassian Customer Agreements
  • Represent the Voice of the Customer by identifying deal blockers and friction points to influence Security, Product & Engineering strategy in meeting customer expectations
  • Drive customer facing Trust collateral by publishing publicly facing materials, presentations, white papers
  • Provide security, compliance, and privacy education and training to internal partner teams in Sales, Product Marketing, Legal, etc.
  • Mentor team through technical leadership and knowledge sharing.
What we offer
What we offer
  • Health and wellbeing resources
  • Paid volunteer days
  • Wide range of perks and benefits designed to support you and your family.
Read More
Arrow Right
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Germany Jobs Ireland Jobs Poland Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
CrawlJobs Group
ITFlashcards AllDevBlogs
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy