Information Security Analyst

IT Marlow, UK

You will love this role if you:

  • Enjoy implementing change and new IT systems
  • Enjoy working on a global scale with multiple teams
  • Enjoy leading all aspects of information security and are comfortable owning the process

You will be a success if you:

  • Have practical knowledge of GDPR/Data Privacy in the UK and EU; knowledge of equivalent protocols in other geographies would be beneficial
  • Have the ability to build and manage strong business relationships to maximise third-party services, such as working with managed service providers and other delivery third parties/partners
  • Have highly proficient IT skills in Word, Excel, PowerPoint and MS Project

As part of the OPEN Health IT team, you’ll be responsible for the following activities:

You’ll be responsible for creating and maintaining a security programme to deliver the OPEN Health IT strategy which ensures the business is meeting best practice compliance and data standards, as well as those driven by regulators and external client requirements.

  • Advise on, develop and create information security and data policies and processes
  • Understand the concepts and have the ability to pragmatically implement strategies according to least privilege principles and zero trust
  • Lead the implementation of the IT security strategy with respect to GRC and data protection ensuring key information assets are sufficiently protected
  • Lead the implementation of Information Security initiatives such as Data Loss Prevention, data classification and retention
  • Ensure practices around classified materials - such as Document Handling, IT Security, Physical Security and Personnel Vetting - are compliant and well managed
  • Work with technical teams or technical third parties to advise and define information security and data protection requirements. Whilst advocating ‘security by design’, you will be expected to ensure that O365 Compliance Center parameters/strategies are implemented and maintained on an ongoing basis
  • Work in partnership with Legal and GRC teams to define and implement data protection standards that will support the implementation of the required privacy protocols and standards across the organisation
  • Work with external DPO and IT Security partners to ensure the OPEN Health technology environment is as secure as possible for our client and practice data, as well as using these sources to constantly evolve our processes & procedures
  • Own all Information Security requirements including ISO 27001 compliance and implementing a fully functioning Information Security Management System (ISMS)
  • Act as the point of contact for all IT and Information Security Audit requirements.
  • Support the business to ensure they understand the principles of Business Continuity Planning and support the regular testing of their plans. This will include working with your IT colleagues to ensure disaster recovery procedures are resilient and tested regularly

What you’ll bring:

  • At least three years of relevant Information Security experience
  • At least 3 years working first-hand with ISO27001/ITIL based policies and procedures
  • Ability to communicate and present security concepts in ways that are easy to understand, organisationally relevant and compelling to both IT colleagues and business partners
  • Expert knowledge and experience as a Data Practitioner, familiarity with a number of technology infrastructures (MS365, SharePoint), and being accustomed to frameworks such as NIST, ISO27001, TOGAF, SABSA, SOC II
  • Practical implementation and maintenance of O365 Compliance Centre and similar O365-based tools
  • A detailed understanding of DLP tools, what they do and why, and the ability to lead the OPEN Health implementation of this toolset
  • Experience of working with, or the ability to work with, technical engineering and architecture teams to advise on information security; it is highly preferable that your experience is within a platform or product-based environment
  • Excellent knowledge and practical application of data protection, including data subject access requests, data audits, data privacy impact assessments, data incident management, GDPR compliance, privacy policies, etc.
  • Experience across a range of security techniques and technologies; managing access control, end-points, firewalls, SIEM

What we offer:

At OPEN Health, we are entirely dependent upon our people. They are the basis of every contract we win, every service we provide and every project we deliver. As a result, we are always on the lookout for the brightest, most enthusiastic, creative and ambitious individuals to join our teams in the UK. We work hard to create friendly and collaborative workplaces; to provide fascinating professional challenges and amazing opportunities.

We have an extensive benefits package that includes:

  • A total of 29 days' holiday – 25 plus an additional 3 at Christmas shutdown and your birthday off
  • Flexible start and finish times around core office hours
  • 4 pm Friday finish
  • A training platform that provides access to self-paced and face-to-face learning & development
  • Group Income Protection
  • Private Medical Insurance
  • Employee Assistance Programme
  • Life Assurance
  • Enhanced parental leave
  • Casual dress code
  • Active CSR community supporting a range of worthwhile causes

Reasons to join OPEN Health

People are at the heart of our business. Without our incredibly talented people we couldn’t offer our clients the world-class service they have come to expect. We know how important it is to support, develop, reward and encourage.

About OPEN Health

OPEN Health brings together deep scientific knowledge, global understanding and broad specialist expertise to support our clients in improving health outcomes and patient wellbeing.

We are united as one flexible organization, harnessing the power of the collective to solve complex challenges. Our global team of experts — many with PhDs and PharmDs — work strategically alongside our client partners in Medical Affairs, Health Economics and Outcomes Research (HEOR), Market Access and Commercial teams across a wide range of therapy areas.

OPEN Health: Established as many. United as one.

Apply for this position

If you're interested in this position, please click the link below to apply. If you have any questions, please email us at, or call the Talent Team on 01628 481112.

How we use and store your data: Recruitment Privacy Notice