Information Security Analyst

Change your job, change your workplace, change your future...

Ricoh are currently recruiting for a Information Security Analyst based in London who will be accountable for the development, implementation, and continuous improvement of the Information Security Management System (ISMS) at Ricoh Europe PLC. The role exists to protect the confidentiality, integrity, and availability of corporate information assets, and to ensure the organisation’s alignment with ISO/IEC 27001 standards and applicable regulatory requirements.

Ricoh transforms organisations, using innovative technologies and services enabling you as an individual to work smarter. This is what we call “empowering digital workplaces”.

In fact the entire Ricoh workforce enjoys our pioneering and innovative ways of working. We like to call it: imagine. change., it’s the ethos of our brand and how we drive positive change for ourselves and others. Our teams are embracing change, fostering new ways of working and we have never been more resolute in our mission - "you work for us, and we`ll work for you".

What you will be doing

• Audit & Compliance Experience: Conducting internal audits and working with external auditors.
• Policy Development: Drafting and enforcing security policy, standards and procedures.
• Incident Response Knowledge: Leading or coordinating responses to security breaches or events.
• Lead the maintenance, development, and enhancement of the ISMS to ensure continued ISO/IEC 27001
• Conduct regular internal audits and risk assessments, ensuring timely remediation of any identified vulnerabilities or non-conformities.
• Establish and enforce information security policies, standards, and controls across the organisation.
• Act as the central authority and subject matter expert on information security within Ricoh Europe PLC.
• Monitor the threat landscape and coordinate incident response planning, including investigation, mitigation, and communication of security incidents.
• Oversee the security assurance programme, including third-party risk management and vendor assessments.
• Collaborate with IT, legal, HR, and business teams to integrate security principles into operational processes and projects.
• Promote a strong culture of security awareness through training and awareness campaigns and quarterly Phishing Simulations.
• Provide reporting on ISMS performance, risks, and assurance activities to senior stakeholders and auditors.
• Demonstrate a deep understanding of information security standards and management systems, particularly ISO/IEC 27001, and the ability to operationalise policies, manage risks, and ensure compliance within a complex enterprise setting.
• Perform risk assessments and tracking risk treatment plans.
• Prepare documentation and evidence for ISO 27001 audits.
• Demonstrate experience with data protection principles and delivering privacy impact assessments Process and Policy Level and design and implement security controls in line with policy requirements.
• Develop and maintain the ISMS manual and associated procedures.
• Align security strategies with business continuity and data protection programmes.
• Interpret IT governance and control frameworks such as: ITGC, NIST, COBIT, CSTAR, ITIL, and other standards to shape policy and monitor conformance.
• Analyse threat intelligence and risk trends to anticipate and prevent security breaches and advise on emerging technologies and their potential impact on security posture.
• Demonstrate and utilise foundational knowledge of project management frameworks such as: Lean Six Sigma, PRINCE2 and Cyber Essentials and Cyber Essentials Plus frameworks.
  
  

You will ideally have

• Candidates will ideally have a proven background working in an EMEA wide organisation or larger enterprises with complex operations across an IT landscape / environment.
• You will ideally be educated to bachelor’s degree (or equivalent) ideally in relevant field such as: Cyber Security, Information Technology, Computer Science or Information Systems
• Candidates will have ISO 27001 Lead Implementer or - ISO27001 Lead Auditor, with further qualifications across CISM, CISA, CRISC, CCAK, ISO 27701, Data Protection Practitioner, ISO 22301 Lead Implementer, ISO 27005 Risk Manager a distinct advantage.
• Ideally successful candidates will have exceptional interpersonal and communication skills are indispensable in this role. The Information Security Manager must interact with a wide spectrum of individuals, ranging from technical engineers and legal advisors to C-level executives and end-users.
• Preferably candidates will have the ability to tailor communication—presenting detailed technical risk in a non-technical, business-relevant format—is essential.
• Successful candidate will have assertiveness balanced with diplomacy, especially when challenging decisions, enforcing compliance, or navigating resistance to change.
• Trust-building is a critical success factor, as the Information Security Manager often has to advise, influence, and lead without formal authority.
• Conflict resolution, negotiation, and consensus-building are recurring themes in the role, as are empathy and cultural awareness—especially when operating across the diverse cultural landscape of Ricoh’s European operations.
• Active listening, a collaborative mindset, and the ability to motivate others to engage with security initiatives underpin the role’s success in promoting a security-first culture.
• Successful candidates must also demonstrate, ethical behaviour, confidentiality, integrity and take due professional care in all interactions relating to Auditing as per the principles of ISO 19011.
  
  

In return for your commitment, you can expect

• A competitive salary package
• Industry leading benefits
  
  

Ricoh is an exceptional place to work. A place where there is strong emphasis on career development for the right individuals. This is a role where you can excel within a fast-paced environment and succeed within a thriving organisation.

This is an excellent opportunity to join a global company where you can truly capitalise and build on your own experience.

Ready to make that change? Apply now for a confidential conversation with our Recruitment Team.

We are an equal opportunities employer

At Ricoh, we embrace and respect the collective and unique talents, experience, and perspectives of all people. Together we inspire remarkable innovation. That’s how we live the Ricoh Way.

Ricoh have removed the disclosure of convictions box from their application process (ban the box - http://www.bitc.org.uk/programmes/ban-box) offering equal opportunities to all.

For all roles, we will judge each individual on their skills and ability before taking into account their history. However some roles are subject to sensitive and restrictive information and, if successful, you may be required to undertake pre-employment vetting checks which include but are not limited to residency check, credit reference check, financial sanctions` check and a DBS Check. Further information on Employment Vetting can be accessed by contacting the Ricoh Recruitment Team.