Information Security Analyst

Keyloop bridges the gap between dealers, manufacturers, technology suppliers and car buyers.
We empower car dealers and manufacturers to fully embrace digital transformation. How? By creating innovative technology that makes selling cars better for our customers, and buying and owning cars better for theirs.

We use cutting-edge technology to link our clients’ systems, departments and sites. We provide an open technology platform that’s shaping the industry for the future. We use data to help clients become more efficient, increase profitability and give more customers an amazing experience. Want to be part of it?

Role Summary

The Information Security Analyst is responsible for managing Keyloop’s information security processes, standards, and tooling outside of SOC operations. This role ensures compliance with industry standards and certifications such as SOC 2, ISO 27001, and PCI DSS, supports secure process design, and drives remediation activities across the organisation.
The analyst works closely with Security Engineering, IT, and business teams to identify vulnerabilities, manage security tooling, contribute to projects, and produce actionable reports and insights to enhance the overall security posture

Key Responsibilities:
• Policy, Standards & Process Management
• Develop, maintain, and enforce information security policies, standards, and guidelines.
• Support implementation of secure processes across IT and business functions.
• Ensure alignment of policies and processes with SOC 2, ISO 27001, PCI DSS, and other relevant compliance frameworks.
• Conduct regular reviews and updates to ensure currency and effectiveness.
• Vulnerability Management & Remediation
• Manage vulnerability scanning tools and coordinate scans across systems, applications, and networks.
• Triage, prioritise, and track remediation of identified vulnerabilities.
• Collaborate with Security Engineering, IT, and business teams to ensure timely and effective remediation.
• Produce reports on vulnerabilities, trends, and risk exposure for leadership and stakeholders.
• Security Tooling & Operations
• Manage and optimise security tools outside of the SOC, including endpoint security, configuration management, identity and access tools, and cloud security monitoring.
• Ensure security tooling is configured, updated, and integrated with relevant IT and business systems.
• Provide guidance and support to teams in the use of security tools and automation.
• Project Engagement & Advisory
• Participate in IT, security, and business projects to provide security expertise and risk guidance.
• Conduct security impact assessments for new initiatives, systems, and technologies.
• Collaborate with project teams to embed security into design and operational workflows.
• Reporting, Insights & Remediation
• Produce reports and dashboards on security metrics, compliance posture, and risk exposure.
• Translate insights into actionable recommendations and remediation plans.
• Track and communicate remediation progress and escalate issues where required.
• Support decision-making by providing security risk insights to SecEng, IT, and business stakeholders.
• Compliance & Certifications
• Support the organisation in achieving and maintaining certifications such as SOC 2, ISO 27001, and PCI DSS.
• Assist in internal and external audits by providing evidence and documentation.
• Ensure continuous alignment of security operations with regulatory and industry requirements.
• Continuous Improvement
• Stay current with emerging threats, vulnerabilities, and security best practices.
• Recommend improvements to processes, tooling, and reporting to enhance security maturity.
• Contribute to the development of Keyloop’s security culture and capability.

Required Experience & Qualifications:
• 3–5 years of experience in information security, compliance, or related roles.
• Experience with vulnerability management, security tooling, and compliance frameworks (SOC 2, ISO 27001, PCI DSS).
• Exposure to process design and secure operations in IT and business environments.
• Experience supporting security projects and driving remediation initiatives.

• Skills & Competencies
• Technical Skills
• Information security policies, standards, and controls
• Vulnerability management and remediation tracking
• Security tooling configuration and optimisation
• Compliance frameworks and audit support
• Reporting, metrics, and data-driven insights

• Soft Skills
• Strong analytical and problem-solving abilities
• Effective communication and stakeholder management
• Ability to work across technical and business teams
• Detail-oriented with strong organizational and documentation skills
• Proactive and adaptable in a dynamic environment

Why join us?
We’re on a journey to become market leaders in our space – and with that comes some incredible opportunities. Collaborate and learn from industry experts from all over the globe. Work with game-changing products and services. Get the training and support you need to try new things, adapt to quick changes and explore different paths. Join Keyloop and progress your career, your way.

An inclusive environment to thrive
We’re committed to fostering an inclusive work environment. One that respects all dimensions of diversity. We promote an inclusive culture within our business, and we celebrate different employees and lifestyles – not just on key days, but every day.

Be rewarded for your efforts
We believe people should be paid based on their performance so our pay and benefits reflect this and are designed to attract the very best talent. We encourage everyone in our organisation to explore opportunities which enable them to grow their career through investment in their development but equally by working in a culture which fosters support and unbridled collaboration.

Keyloop doesn’t require academic qualifications for this position. We select based on experience and potential, not credentials.
We are also an equal opportunity employer committed to building a diverse and inclusive workforce. We value diversity and encourage candidates of all backgrounds to apply.