Information Security Risk Analyst

Information Security Risk Analyst

  • London
  • Strategy & Operations

We believe that the grand scale adoption of single synthetic environments by governments and international institutions will give rise to a powerful capability for global good.  New levels of whole force preparedness and the harnessing of previously unattainable foresight will ultimately prevent states from stumbling into war; contributing to a more secure and prosperous world and bringing about the end of unnecessary human conflict.

Improbable Defence develops a software platform that enables the creation of these single synthetic environments, with the aim of providing truly full spectrum synthetic training and planning platforms.  This will ultimately make defence users more effective when deployed on modern, multi-domain operations and plummet the cost of military preparedness.

Single synthetic environments give decision makers a constantly improving picture on how to best prepare for and prevail in any conflict.  Improbable’s platform architecture provides the defence industry access to new market opportunities through a synthetic content ecosystem, enabling defence developers to reuse and repurpose existing models and build new models of the real world in a fast, efficient and iterative way.

Your Mission

is to support all teams across Defence meet business objectives in the most secure manner possible. You will help develop processes and manage security risks across three core domains for the Defence Unit - Cyber, Personnel and Physical. Due to the tailored security requirements of our customers, the team plays a key role in applying robust security controls for defined outputs and maintaining bespoke assurance requirements. 

Areas for Impact

  • Contribute and lead security risk assessments across security domains, projects, operational requirements and technical change initiatives.
  • Pragmatically assess risks, ensure alignment with information security policies and risk management methodologies used within the information security management system (ISMS).
  • Develop and expand new metrics and KPI/KRIs to support risk management functions.
  • Communicate the security impact of technical decisions, the approach to risk mitigation and alignment to risk tolerance across to stakeholders across all levels of the business.
  • Participate in due diligence and on-going risk management of supply chain activities.
  • Review and interpret threat intelligence and provide risk advisory and tutorial services to wider Defence teams.
  • Work with stakeholders, both technical and non-technical, to enable a pragmatic approach to apply security best practice. Demonstrating understanding of industry frameworks and NCSC aligned security principles. 
  • Support the creation and maintenance of new security standards and procedures to aid staff security cultural improvements. Including supporting personnel and physical security processes associated with HMG handling requirements. 

We'd like to hear from you if you identify with the following:

  • You have a clear understanding of ISO27001 or NIST CSF. This will enable you to hit the ground running within our Information Security Management System (ISMS) and contribute towards on-going risk management improvements. 
  • You have knowledge and understanding of risk management principles, best practices and emerging toolkits. Including experience of accreditation requirements associated with Cyber Essentials and/or ISO27001. This will ensure you are able to deliver outputs to our required standards. 

  • You have experience of helping to resolve complex issues across technical and socio-technical risks. This will help your ability to identify and interpret likely issues associated with our business operations.
  • You look to maintain a good understanding of industry security trends and have experience of interpreting tailored threat intelligence. This will help your ability to explain concepts to others and interpret changes within the current threat landscape.
"Please note due to the nature of this role you will be expected to meet requirements associated with obtaining UK security vetting clearance"
Equal Opportunity
The best ideas are often the least expected and require new ways of thinking; that’s why our teams at Improbable are made up of an incredible range of talented people. Improbable is proud to be an equal opportunity employer. We do not discriminate based on race, ethnicity, colour, ancestry, national origin, religion, sex, sexual orientation, gender identity, age, disability, veteran status, genetic information, marital status or any other legally protected status.