×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Information Security Cybersecurity Data Security

InfoSec Analyst II Information security

Job in London, Greater London, W1B, England, UK
Listing for: Checkout Ltd
Full Time position
Listed on 2026-06-24
Job specializations:
  • IT/Tech
    Information Security, Cybersecurity, Data Security
Salary/Wage Range or Industry Benchmark: 50000 - 70000 GBP Yearly GBP 50000.00 70000.00 YEAR
Job Description & How to Apply Below

The Role

As an Information Security Analyst II at , you will work across the full breadth of the information security function, spanning Governance, Risk and Compliance (GRC), AI Governance, Application Security (App Sec), Technology Risk, and Data Governance. This is a role for someone who has built solid foundational expertise and is ready to take independent ownership of security initiatives across multiple domains.

Security at Checkout operates at scale and  are a global payments business, regulated across multiple jurisdictions, building infrastructure that processes billions of transactions. Our security function needs analysts who can think across domains, communicate with engineers and executives alike, and contribute to a security programme that is genuinely embedded in how the business operates.

At L3 you will manage security programmes, lead assessments, drive policy improvements, and mentor junior colleagues. Your primary focus is independent execution with growing influence. You know your domains well enough to spot gaps, propose solutions, and take them through to completion.

Governance, Risk and Compliance
  • Support work streams within Checkout's GRC programme, including ISO 27001, SOC 2, and relevant regulatory obligations across our global licensed entities.
  • Coordinate control evidence collection activities across internal teams, ensuring continuous audit readiness rather than point‑in‑time preparation.
  • Maintain and improve GRC documentation including policies, standards, procedures, and control matrices, ensuring they stay current and proportionate to Checkout's evolving risk profile.
  • Monitor the risk register, track remediation activity against agreed timelines, and elevate issues where commitments are at risk.
  • Conduct third‑party risk assessments, evaluating supplier security controls and compliance posture in line with Checkout's TPRM framework.
  • Track regulatory change across Checkout's operating markets including DORA, FCA/PRA requirements, and payment scheme obligations, flagging gaps and supporting impact assessments.
AI Governance
  • Support the development and operationalisation of Checkout's AI governance framework, aligned to ISO 42001, the EU AI Act, and NIST AI RMF.
  • Conduct AI risk assessments for internal AI and ML systems and third‑party AI tools, evaluating bias, transparency, data lineage, and control adequacy.
  • Maintain an inventory of AI use cases and associated risk classifications, working with product and engineering teams to embed governance requirements at the point‑of‑design.
  • Monitor the evolving regulatory landscape for AI in financial services and contribute to policy and control development that keeps Checkout ahead of emerging obligations.
  • Support Checkout's AI Security programme including threat modelling for agentic and LLM‑based systems, and controls mapping against the OWASP LLM Top 10 and related frameworks.
Technology Risk
  • Conduct technology risk assessments across infrastructure, cloud environments, and third‑party systems, producing clear outputs with actionable treatment recommendations.
  • Support third‑party risk management activities, evaluating supplier security controls and compliance posture in line with Checkout's vendor risk framework.
  • Contribute to control assurance activities including vulnerability scanning coordination, firewall and configuration reviews, and access control assessments.
  • Monitor Checkout's technology risk landscape, identifying emerging threats and translating them into actionable risk items for the register and leadership reporting.
  • Support DORA‑related ICT risk management obligations, contributing to resilience testing coordination and critical third‑party risk assessments.
Data Governance
  • Support Checkout's data governance programme, including data classification, data flow mapping, and enforcement of data handling standards across the business.
  • Contribute to data loss prevention (DLP) controls and tooling, working with engineering and product teams to ensure sensitive data is protected throughout its lifecycle.
  • Assist in maintaining records of processing activities (RoPA) and supporting data protection impact assessments (DPIAs) for new…
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search