Security & Privacy Analyst

Job not on LinkedIn

2 days ago

Apply Now

Receive Emails with Similar Jobs

Spectrum.Life

WebsiteLinkedInAll Job Openings

Healthcare Insurance • Wellness • Education

Spectrum. Life is a digital health company providing a comprehensive platform for health and wellbeing. They offer services for digital health, mental health, and wellbeing, targeting members, employees, and students through customisable engagement platforms. Spectrum. Life acts as a whole-of-health partner for large organisations in the UK, Ireland, and internationally, focusing on transformative digital health experiences. Their offerings include mental health support through digital platforms and apps, workplace wellness solutions, and health education. The company collaborates with health systems and businesses to deliver accessible and customizable care solutions aimed at engaging, empowering, and transforming individual lives.

51 - 200 employees

⚕️ Healthcare Insurance

🧘 Wellness

📚 Education

💰 Series A on 2023-02

📋 Description

• Monitor, assess, and respond to security alerts, incidents, and vulnerabilities across the technology environment • Support security operations activities including log analysis, threat detection, endpoint security, and access control management • Conduct regular vulnerability assessments and coordinate remediation with relevant teams • Assist in maintaining and improving security tools, controls, and frameworks (e.g., SIEM, IAM, MDM, KnowBe4, encryption standards) • Support third-party security reviews and due diligence assessments • Participate in business continuity and disaster recovery planning and testing • Support GDPR and other applicable privacy frameworks (e.g., ePrivacy, UK GDPR, HIPAA-aligned practices for clinical contexts) • Conduct Data Protection Impact Assessments (DPIAs) and Legitimate Interest Assessments (LIAs) • Assist in maintaining Records of Processing Activities (RoPA) • Review new product features and vendor integrations for compliance with privacy-by-design and security-by-design principles • Monitor adherence to internal data protection policies and assist in facilitating corrective actions • Assist with internal audits, risk assessments, and external certifications (e.g., ISO 27001, DCB0129/0160, Cyber Essentials) • Help develop and maintain security and privacy documentation, standards, and procedures • Track remediation of audit findings and risk treatment plans • Support employee security/privacy training and awareness initiatives • Contribute to policy updates and ensure alignment with regulatory requirements • Support investigations of potential data breaches or security incidents • Assist in managing the incident lifecycle from detection to resolution • Help prepare incident reports, root cause analyses, and corrective action plans • Work with internal teams to implement lessons learned and strengthen preventive controls

🎯 Requirements

• Experience in information security, privacy, compliance, or a related field • Strong understanding of GDPR, data protection principles, and privacy best practices • Familiarity with security operations, vulnerability management, and incident response • Experience with security tools (e.g., SIEM, endpoint protection, logging platforms) • Ability to interpret risks and communicate them clearly to technical and non-technical audiences • Strong documentation, analytical, and problem-solving skills • Excellent attention to detail and commitment to quality • Experience in health-tech, clinical platforms, or handling sensitive health data • Certifications such as ISO 27001 Lead Implementer/Auditor, CompTIA Security+, CISSP, CIPP/E, or equivalent • Experience supporting audits or managing compliance frameworks • Familiarity with cloud security and secure development practices

🏖️ Benefits

• 25 days annual leave • 24/7 EAP and a wide range of health and wellbeing supports • Extensive list of employee perks and benefits