Senior Information Security Analyst

Warsaw, Poland / 40 Hours per week, Monday to Friday

The Senior Information Security Analyst is a specialist role with the primary focus being Information Security Governance, Risk & Compliance. They deputise for the Cyber Risk manager and are jointly accountable in ensuring Hargreaves Lansdown’s Information Security Management System remains effective in protecting HL critical information assets within risk appetite. This requires a mixture of technical, and non-technical information security risk experience.

General information

  • Location:
    Warsaw (covid-19 time remotely)
  • Salary gross (UoP):
    15 000 – 18 000 PLN
  • Employment type:
    permanent contract
  • Company size:
    80 people
  • Travel involved:
  • Operating system:
  • Computer:
  • Monitors:
    24" x 2
  • Mobile phone:

Key Duties and Responsibilities:

  • Deputise for the Cyber Risk manager in ensuring HL’s Information Security Management System remains effective in protecting HL critical information assets within risk appetite
  • Approve within delegated limits risk assessments and 3rd party due diligence assessments that have been carried out by analysts and apprentices
  • Direct the work of analysts and apprentices, and provide guidance where needed.
  • Own the delivery of the cyber security awareness and training program
  • Accountable for the compliance and third party security audits and reviews against best practice security control frameworks
  • Carry out horizon scanning through research of security related topics and report back to the wider cyber risk team
  • Be responsible for the ongoing policy maintenance of the ISMS

Must have:

  • Minimum 4 to 5 years experience in an Information Security or related role. Ideally some of this will have been gained in a regulated environment.
  • Exposure to Information Security in a DevSecOps cloud context
  • Must be certified to a recognised security standard, , such as CISSP, CISM, CCSP (or equivalent.
  • Have practical work based experience across the areas of security policy, culture, forensics, incident response and risk management.
  • Good exposure to security standards such as a ISO27001, NIST CSF or PCI-DSS
  • Be able to evaluate the adequacy of security controls, and how they are applied in a business context.
  • Experience of carrying out security reviews against recognised security control frameworks such as NIST CSF
  • Advanced English (B2/C1)

Nice to have:

  • Experience operating in a Cloud compliant environment will be advantageous


  • Author’s rights (tax reliefs due to creative type of work)
  • PPE (4% employer contribution without any additional cost nor employee contributions required)
  • Annual bonus depending on performance
  • Conference budget
  • Training budget
  • English lessons with native speakers
  • Private health care
  • Life insurance
  • Sports card
  • Comfortable work environment in modern office
  • Well communicated location: close to Rondo Daszyńskiego
  • Bike parking
  • Gym
  • Play room
  • Shower

Many opportunities to gain and share knowledge and ideas

  • Agile / SCRUM methodology
  • Opportunity to grow according to your level of expertise
  • Working with new technologies and a multi-diverse team
  • Many opportunities to share knowledge and ideas
  • In-house Trainings
  • Our ever-growing library

Supporting team

  • Best welcome for new employees
  • Buddy program
  • Team Events