Job Description
Information Security Analyst
Department: Central Services
Employment Type: Permanent
Location: Cheltenham
Compensation: £40,000 - £45,000 / year
Employer: Marco (Parent company of PoloWorks)
Location: Cheltenham (Hybrid), with occasional travel to London
Marco is a leading international insurance group providing capital, risk and operational solutions across the global re/insurance market, with PoloWorks as its UK‑based services arm. As our organisation continues to grow, we are expanding our Information Security capability and are seeking a talented Information Security Analyst to join the team.
As an Information Security Analyst, you will play a key role in strengthening the Marco Group’s information security posture across a diverse and evolving technology landscape. You will support the development and implementation of security standards, monitor threats and vulnerabilities, and provide technical expertise across multiple platforms.
Working closely with business functions, you will contribute to the protection of Group information, support incident response activities, and ensure compliance with internal and external security requirements. You will report into the Information Security Management function and collaborate with teams across the Group, including PoloWorks.
This is a hybrid role based in our Cheltenham office, with occasional travel to London.
Key Responsibilities
We are looking for a security professional who is confident engaging at all levels of the organisation and capable of working both independently and as part of a collaborative security team. You will often act as a subject matter expert within projects and new business initiatives.
You will work closely with the Group Information Security Manager, Risk & Compliance Officers, business leads, technology teams, and external IT suppliers to ensure that security processes, policies, audits and risk management activities are effectively implemented and continuously improved.
You will bring strong technical knowledge, sound risk analysis skills, and an understanding of Defence in Depth principles. You should be proactive in staying current with emerging threats and industry best practices. In return, we will support your ongoing development and provide opportunities to grow your expertise within a dynamic international insurance group.
Responsibilities
- Risk identification and assessment
- Information Security policy maintenance and updates
- Compliance monitoring
- Incident response support and planning
- Security awareness & training (monitoring and delivery)
- Project and new business risk assessments
- KRI/KPI monitoring and reporting
- General security guidance across the Group
Skills, Knowledge and Expertise
Experience in the Security Sector (Essential)
Strong aptitude for staying up to date with Information Security standards and technologies
Self‑motivated with a flexible, proactive approach
Experience with data classification and cryptography
Knowledge of:
- Information Security processes
- NIST CSF and technical controls
- ISO 27001 framework
- Data Protection
- Security assessments
- Risk management
One or more of the following certifications
- CISMP, ISC2 CC, ISO 27001 LA/LI, CISM, CISSP, CRISC, CESA SANS or equivalent
