IT Security Analyst – up to 60,000 per annum base + benefits – Leatherhead (2–3 days per week onsite)
We are looking for an experienced IT Security Analyst to support our IT Security Manager in safeguarding the organisation's hardware, software, and networks from potential threats. This role will play a critical part in ensuring the security of our systems, monitoring incidents, and driving a culture of cybersecurity awareness across our diverse workforce. The IT Security Analyst will also assist with creating and maintaining security policies, supporting operational processes, and developing security awareness initiatives.
This will be a broad role, providing the opportunity to be involved in all aspects of IT Security with excellent opportunities to work with a variety of functions.
Main Accountabilities
Security Operations & Incident Response : Oversee network and system security, collaborate with the Security Operations Centre on threat analysis, and support incident response activity. Contribute to the improvement of cyber security operational processes such as access control, vulnerability management, and security incident management.
Cybersecurity Awareness & Training : Assist in developing and delivering security awareness training programs to promote a security–conscious culture across the organisation.
Policy Development & Compliance : Support the IT Security Manager in creating and enforcing security policies, ensuring alignment with industry standards and frameworks.
Risk Assessment & Testing : Conduct regular risk assessments and simulated cyber–attacks to enhance the organisation's security posture.
Stakeholder Collaboration & Communication : Build strong relationships across departments, effectively communicating security issues to technical and non–technical audiences.
Essential Knowledge and Experience
Information Security Expertise
Demonstrable experience in information security governance, risk assessment, and compliance. Substantial background in information security operations, including experience with ISO27001–certified information security management systems (ISMS). Experience working with Government and/or Defence industry highly advantageous.
Standards & Framework Knowledge
Strong understanding of ISO standards and security frameworks, including NIST, CIS, ISO 27001, ISO 22301, and ISO 27017. Familiarity with Cyber Essential framework and Government security framework such as HMG Security Policy Framework and NCSC Cyber assessment Framework is highly advantageous. Knowledge of Cloud Security Principles.
Technical Skills & Communication
Proficient in creating and delivering security–related reports with active listening skills and confidence in communicating security information to diverse stakeholders. Ability to engage effectively with colleagues across multiple functions, with strong written and verbal communication skills. Familiarity with Cyber security operational tools and proactive approach to identifying process improvements. Experience in risk assessments and simulated cyber–attack testing to improve organisational security.
#J-18808-Ljbffr
Demonstrable experience in information security governance, risk assessment, and compliance. Substantial background in information security operations, including experience with ISO27001–certified information security management systems (ISMS). Experience working with Government and/or Defence industry highly advantageous.
Standards & Framework Knowledge
Strong understanding of ISO standards and security frameworks, including NIST, CIS, ISO 27001, ISO 22301, and ISO 27017. Familiarity with Cyber Essential framework and Government security framework such as HMG Security Policy Framework and NCSC Cyber assessment Framework is highly advantageous. Knowledge of Cloud Security Principles.
Technical Skills & Communication
Proficient in creating and delivering security–related reports with active listening skills and confidence in communicating security information to diverse stakeholders. Ability to engage effectively with colleagues across multiple functions, with strong written and verbal communication skills. Familiarity with Cyber security operational tools and proactive approach to identifying process improvements. Experience in risk assessments and simulated cyber–attack testing to improve organisational security.
#J-18808-Ljbffr
