Information Security Analyst

Kinetic Software


Date: 4 hours ago
City: Milton Keynes
Contract type: Full time

About Kinetic

At Kinetic we’re redefining operational excellence in higher education, conferencing, and events. As the leading provider of software solutions for student accommodation, event management, catering, and residential services, we help institutions streamline operations, elevate customer experiences, and unlock their full potential.

With over 25 years of experience and trusted by more than 350 institutions worldwide, our software empowers universities and venues to run smarter, faster, and more collaboratively. From bustling campuses to dynamic corporate environments, our technology adapts to the rhythm of each organisation — helping them thrive in a fast-changing world.

But we’re more than just software. We’re a team of passionate problem-solvers, innovators, and collaborators who care deeply about our customers and each other. Our culture is built on empowerment, community, and continuous growth. We believe in giving people the tools, support, and freedom to do their best work — and have fun while doing it.

Joining Kinetic means being part of a purpose-driven business where your ideas matter, your development is supported, and your impact is real. If you’re ready to help shape the future of operational technology in education and events, we’d love to meet you.

The Role

We are looking for a capable and detail-oriented Information Security Analyst to join Kinetic on a permanent basis. Following a significant investment in our security programme, including ISO27001 and PCI/DSS recertification and the embedding of a modern, integrated security toolset, this role is focused on operating and continuously improving that established framework. Kinetic has built a modern, integrated security programme. Now we need the right person to run it, own it, and make it better every day.

What You’ll Be Doing

This is a hands-on operational role suited to someone earlier in their security career who is process-driven, comfortable working across platforms, and eager to grow within a well-structured environment. You won't be building the security function from scratch; you'll be the day-to-day custodian of it.

Compliance & GRC Operations (40%)

  • Own day-to-day operation of Drata, our GRC platform, ensuring real-time compliance data remains accurate and connected across all integrated tools and applications.

  • Maintain the central policy and procedure repository, keeping documentation current and version-controlled.

  • Manage onboarding security workflows, ensuring mandatory training is completed and relevant forms signed via automated processes.

  • Coordinate internal audits across ISO27001 and PCI/DSS leveraging the SEP2 GRC Wingman service, working with the auditor to validate that controls and processes are operating effectively.

  • Support ongoing privacy and data protection obligations including GDPR, DSARs, and breach logging.

  • Manage auditor access through Drata and prepare evidence for external audit cycles.

  • Maintain and develop the Drata Trust Centre, ensuring it accurately reflects our security posture for customers and prospects.

Customer Security Assurance (25%)

  • Handle inbound customer and prospect security queries, using Drata's AI-assisted questionnaire tool to respond accurately and efficiently.

  • Complete HECVAT assessments and ad-hoc security questionnaires for higher education tenders.

  • Work with sales and customer success to provide security documentation and evidence packs.

  • Share Appcheck and Invicti real-time scan data with customer security teams to support deployment confidence and third-party PCI requirements.

Vulnerability & Application Security (25%)

  • Manage the Pen Test People portal — tracking active penetration tests, assigning remediation tasks to relevant team members, and monitoring closure.

  • Use Appcheck and Invicti to run ad-hoc API and web application scans ahead of new builds and customer deployments, reducing reliance on full annual pen tests.

  • Maintain visibility of application dependencies and exposure through the Appcheck dashboard.

  • Monitor endpoint security alerts and detections via CrowdStrike, escalating threats and coordinating response as required.

  • Coordinate remediation activity with engineering teams and track progress to closure.

Risk & Continuous Improvement (10%)

  • Provide business leaders with guidance on security in an AI-enabled operating environment.

  • Maintain the risk register and support ongoing risk management processes through Drata.

  • Identify control gaps or process drift and escalate appropriately.

  • Support security awareness activity across the business.

  • Keep policies and procedures up to date as the business and threat landscape evolve.

What You’ll Bring

Core Experience

  • 2–4 years in an information security, IT compliance, or GRC-adjacent role.

  • Working knowledge of ISO27001 — exposure to audit evidence gathering or internal audit processes.

  • Familiarity with GRC platforms (Drata experience a bonus, but any similar platform is transferable).

  • Understanding of PCI/DSS and GDPR obligations in a SaaS context.

  • Comfortable managing vulnerability findings and coordinating remediation with technical teams.

  • Strong organisational skills — able to juggle multiple compliance threads and deadlines simultaneously.

  • Clear, confident communicator — able to handle customer-facing security queries professionally and accurately.

Nice to Have

  • Experience with application security scanning tools (Appcheck, Invicti, or similar).

  • Endpoint detection and response (EDR) platform experience, ideally CrowdStrike Falcon.

  • Penetration test management or remediation tracking experience.

  • HECVAT or security tender questionnaire experience.

  • Relevant certifications: CompTIA Security+, CC (ISC²), ISO27001 Lead Auditor/Implementer, or working towards them.

  • Higher education sector familiarity.

  • Cloud environment exposure (Azure and/or AWS).

Key Attributes

  • Process-driven and methodical — you find satisfaction in keeping compliance in good shape year-round, not just at audit time.

  • Platform-native — comfortable learning and getting the most out of integrated tooling.

  • Collaborative and responsive to engineering, sales, and customer success colleagues.

  • Knows when to escalate rather than overreach.

  • Curious about security and motivated to develop expertise over time.

Benefits & Perks

At Kinetic, we believe work should come with rewards that make a real difference. Here’s just a taste of what you can expect when you join us:

  • 25 days holiday (plus bank holidays) - with extra days the longer you’re with us

  • Two paid wellbeing days each year, with a budget to enjoy some time out with someone important to you

  • Enhanced pension contributions to support your future

  • Two paid days a year to give back through volunteering, charity work, or sustainability projects with our Green Team

  • Salary sacrifice schemes for electric vehicles and cycle-to-work

  • 24/7 access to our Employee Assistance Programme for confidential advice and support

  • A full annual health check to keep you at your best

  • A flexible benefits platform - from life assurance and learning opportunities to retail discounts and cinema tickets

  • A genuine people-first culture where your growth and wellbeing come first

  • Performance-related bonus scheme to reward your contribution

  • Regular socials - from team get-togethers to all-company celebrations, with each department owning a budget for their events

  • The opportunity to attend group conferences, away days and learning forums both in the UK and abroad - network with other talent

We’ve created a welcoming office environment, with well-stocked kitchens offering free breakfast, fresh fruit, hot and cold drinks, and a range of tuck shop goodies to keep you fuelled throughout the day.

Kinetic is an equal opportunity employer, fostering diversity and committed to creating an inclusive environment for all employees.

How to apply

To apply for this job you need to authorize on our website. If you don't have an account yet, please register.

Post a resume

Similar jobs

Supplier Manager

Network Rail, Milton Keynes
£55,596 - £67,813 per year
4 days ago
Who We Are About Network Rail... Join Network Rail - Where People and Connections Matter At Network Rail, we are dedicated to keeping passengers and freight moving safely and efficiently across the country. When you join us, you are not just part of a team - you are part of something that matters to millions. We believe that our people...

Associate Delivery Manager

HMGCC, Milton Keynes
£53,761 per year
3 weeks ago
£53,761 This role is available full-time for 37 hours per week Monday to Friday or part-time with a minimum coverage of 28 hours Flexible or compressed working hours available This role is predominantly based in the office Can you support agile teams to deliver diverse, impactful projects, in an environment that really matters? In the world of national security, your...

Client Success Executive

BSI, Milton Keynes
3 weeks ago
We exist to create positive change for people and the planet. Join us and make a difference too! Client Success Executive Location: Milton Keynes, UK Work Model: Hybrid, with 3 days working from the office. At BSI, we help organizations build trust, improve performance, and achieve sustainable growth. The Client Success Executive plays a critical, client-facing role in driving retention,...