Infomation Security Analyst

About this role

Responsibilities

• Commercial Support
• Assist with RFP responses and client security questionnaires.
• Support client annual security audits and due diligence requests.
• Respond to internal and external queries relating to information security controls.
• Review and interpret security-related contractual clauses, including data protection, data retention, and audit requirements.
• Procurement & Supplier Due Diligence
• Support the supplier security due diligence process for new vendors.
• Participate in procurement and supplier onboarding discussions.
• Collaborate with teams to ensure suppliers meet company security standards.
• Vendor Risk Management
• Maintain annual vendor due diligence reviews and documentation.
• Track supplier inventories and criticality ratings.
• Monitor performance and risk indicators for key suppliers (SLA breaches, downtime, incidents, and news).
• Support projects such as fourth-party risk assessments and information gathering.
• Monitor scope changes in vendor products and services as they become available.
• Work closely with Legal, IT, and Security teams on emerging topics such as AI usage and third-party tools.
• IT & Technical Security
• Work with IT and Security teams to research new technologies and integrations.
• Support technical security initiatives and projects.
• Conduct data flow mapping and architecture documentation.
• Assist in evaluating system integrations (for example applications connected to CRM platforms).
• Audit & Compliance
• Support ongoing security and compliance programmes including ISO/IEC 27001 and SOC 2.
• Assist with internal audit activities and control checks.
• Help maintain documentation and evidence required for audits and certifications.
• Required Skills:
• Experience working with similar roles, ideally in IT support, security operations, compliance, or internal audit.
• Good understanding of core IT and security concepts such as:
• Endpoint management
• Identity and access management
• APIs and integrations
• Ability to work across multiple teams and communicate effectively with both technical and non-technical stakeholders.
• Strong organisational skills and ability to manage projects and documentation.
• Comfortable handling both operational tasks and more complex security projects.
• Ability to build strong internal relationships and collaborate across departments.
• Pragmatic and solution-oriented approach to information security.
• Experience working with or evaluating AI tools and products
• Candidates should ideally have:
• A relevant qualification in Information Security, IT, Cybersecurity, or Computer Science, or
• Relevant professional certifications (or working toward them), such as:
• ISO 27001 Lead Implementer / Lead Auditor
• CISA or similar
• Equivalent hands-on experience in IT, security, or audit roles will also be considered.

About ComplyAdvantage

Our mission is to empower every business to eliminate financial crime. By harnessing AI, a unified platform, and an extensive partner ecosystem, we help customers turn compliance into a catalyst for growth, operational resilience, and enduring regulatory trust. More than 3,000 enterprises across 75 countries rely on our end-to-end platform and the world’s most comprehensive financial crime risk intelligence. With full-stack agentic automation, we help organizations automate up to 95% of KYC, AML, and sanctions reviews, cut onboarding times by 50%, reduce false positives by 70%, and handle 7x more work with the same staff. ComplyAdvantage is headquartered in London and has global hubs in New York, Lisbon, Singapore, and Cluj-Napoca. It is backed by Balderton Capital, Index Ventures, Ontario Teachers’ Pension Plan, Goldman Sachs, and Andreessen Horowitz. Learn more about compliance re-engineered for the age of AI at complyadvantage.com.