Job Type

Full Time





Conducts internal audits and inspections to realize site audit plan; makes recommendations to control or mitigate risk.

Job title:

Senior Information Security Analyst

Job Description:

The welfare of our people is of paramount importance to us, and we’re doing everything we can to keep our employees and customers safe during this time. We’re supporting our clients as they adapt to a new world in the wake of COVID-19. We’re now recruiting for roles which will help our clients to deliver vital services and to resume business wherever possible.


Location: Home Worker (Occasional travel to Coventry CV6 5NX)

Join our Government Services business and help to deliver innovative technology solutions to help millions of people every day. Capita have worked with Transport for London (TfL) since 2014; we manage London’s Congestion Charging Zone, Low Emission Zone and Traffic Enforcement Notice Processing activities for our client. We also oversee the new Ultra-Low Emission Zone (ULEZ) and we are responsible for the design, implementation and operation of the systems, as well as all front and back office processes on TfL’s behalf.

| The Opportunity | What you’ll be doing!

As a Senior Information Security Analyst, you will join a team that will support the delivery of the Information Security Management System for Capita Transport for London. You will work with the Information Security Risk Manager to support a robust programme of Security Information Assurance activities, ensuring that issues are identified, reported, addressed/escalated or accepted as appropriate.

| Purpose of Job | Key Accountabilities

  • Information Security Management System (ISMS). Supporting Information Security Risk Manager with the management of the ISMS. Ensuring the integrity of the documentation, identifying improvements based on security review and supporting the development of all security collateral and artefacts. Completing Internal Audits on ISO27001 controls.
  • Managing the End-To-End Execution of The Information Security Audit Lifecycle – defining the strategy and management of CTFL’s internal audit program in line with ISO27001 certification, PCI DSS and Data Protection controls, as appropriate for the business need.
  • Undertaking Policy and Contractual Compliance Reviews – following standard processes, scoping, planning, completing and documenting reviews to improve understanding of policy compliance across Capita TfL and identify areas in need of improvement. Following completion of a review and issue of the report, tracking the identified actions to an acceptable conclusion.
  • Undertaking 3rd Party Security Due Diligence Assessments - Working with Information Security Risk Manager to assess 3rd Party Security arrangements to an agreed schedule.
  • Issue management – Supporting the Information Security Risk Manager in the tracking and resolution of issues identified through assurance activity.
  • Supporting Information Security Risk Manager And Key Stakeholders Across Capita TfL – Establishing effective working relationships (e.g. Divisional Security, ITES, CCS, Group Security) to enable completion of assurance activities.
  • Security Information and Event Management (SIEM) – Supporting planned and ad hoc reports generated from the SIEM.
  • Supporting In The Coordination of Information Security Activities - including scheduling and progressing identified issues, vulnerability management, firewall rule reviews and input to the monthly report for key stakeholders.
  • Management of Information Security Incidents - ensuring that security incidents are recorded and tracked to resolution/closure of all actions.
  • Assisting with Information Security Related Corrective Action Plans – ensuring that all actions are owned and progressed to resolution.

| What we’re looking for |

Applicants should possess a strong work ethic, strong problem-solving skills, a can-do attitude and flexible approach, ability to work with individuals at all levels in the organisation along with a knowledge of software support, and excellent data analysis skills.


  • Qualified to degree level or equivalent experience.
  • Self-motivated individual with a flexible approach to working.
  • Desire to build own Information Security knowledge.
  • Excellent interpersonal skills with the ability to explain technical problems to non-technical business stakeholders at all levels.
  • Strong written and oral communication skills

Desirable Skills/Experience:

  • Industry recognised Information Security or audit Qualification, such as CISSP, CISM, CISA
  • Experience of working to an ISO27001/2 aligned framework.
  • Experience of working in a controls testing/assurance environment
  • Experience of working in a PCI-DSS compliance environment

| What’s in it for you? |

  • A great basic salary.
  • 23 days’ holiday (rising to 27) with the opportunity to buy extra leave.
  • The opportunity to take a paid day out of the office, volunteering for our charity partners or a cause of your choice.
  • Company matched pension, life assurance, a cycle2work scheme, 15 weeks’ fully paid maternity, adoption and shared parental leave, paternity pay of two weeks…and plenty more.
  • Voluntary benefits designed to suit your lifestyle – from discounts on retail and socialising, to health & wellbeing, travel and technology.
  • Access to our Employee Network Groups, which represent every strand of diversity and allow colleagues to connect and learn from each other on an open, inclusive platform.

| What we hope you’ll do next |

Choose ‘Apply now’ to fill out our short application, so that we can find out more about you.

You’ll get the chance to follow your chosen career path anywhere in Capita. You’ll be joining a network of 63,000 experienced, innovative and dedicated individuals across multiple disciplines and sectors. There are countless opportunities to learn new skills and develop in your career, and we’ll provide the support you need to do just that. Our purpose is to create a better outcome for you. We’re an equal opportunity employer, which means we’ll consider all suitably qualified applicants regardless of gender identity or expression, ethnic origin, nationality, religion or beliefs, age, sexual orientation, disability status or any other protected characteristic. We recruit and develop our people based on merit and their passion for creating better outcomes, and we’re committed to creating an inclusive environment for all employees.

All interviews, assessments and background checks will continue to take place online, to completely remove the need for face-to-face contact. All Capita colleagues who can work from home should do so; and where it is not possible for colleagues to work remotely, we have taken important steps to protect those working from Capita’s offices. Social distancing, enhanced hygiene and safety measures are already in place at all Capita locations that are open to protect our colleagues and manage the risk of COVID-19. The welfare of our people is of paramount importance to us, and we’re doing everything we can to keep our colleagues and customers safe during this time.


Home-Based - GBR


United Kingdom

Time Type:

Full time

Contract Type: