You will work closely with senior stakeholders, engineers, developers, suppliers and the outsourced SOC to detect, assess and remediate threats, ensuring the organisation maintains a secure and resilient environment.
1. Vulnerability & Threat Management (Lead Area)
- Lead the vulnerability management lifecycle across cloud workloads, endpoints and applications.
- Coordinate and collate vulnerability scanning using relevant tools.
- Work with our outsourced SOC provider to expand authenticated scanning, attack surface discovery and threat‑led prioritisation.
- Analyse scan results, interpret and triage vulnerabilities and threat data, and use these to produce clear remediation guidance tailored to technical and non‑technical stakeholders.
- Horizon-scan for emerging risks and work to ensure WRA is positioned to identify and mitigate those threats.
- Maintain the WRA Vulnerability Management Policy and ensure it remains aligned with emerging risks, changes to compliance frameworks and regulatory changes.
2. Security Monitoring & Incident Response
- Support security operations by reviewing alerts, triaging security events and escalating incidents as required.
- Contribute to first‑line and second‑line incident investigation activities, coordinating with infrastructure engineers and suppliers.
- Curate the collection of threat intelligence sources, adding and removing them as necessary to ensure a wide and deep coverage, and integrate insights into monitoring and detection.
3. Secure Configuration & Operational Security
- Support secure configuration baselines for cloud services, endpoints and network infrastructure (e.g., CIS benchmarks).
- Monitor patch compliance and system hardening across devices, cloud resources and identity platforms.
- Work with IT Operations to ensure services remain secure, patched, resilient and compliant with organisational standards.
4. Governance, Risk & Compliance Support
- Contribute to cyber risk assessments, working with senior colleagues to identify threats, vulnerabilities and control gaps.
- Support audits and assessments aligned to Cyber Essentials Plus and IASME (and potentially other frameworks such as CAF and ISO 27001), including evidence preparation and remediation tracking.
- Provide reporting and metrics that inform the organisation's cyber risk posture and resilience planning.
5. Stakeholder Engagement & Advisory Duties
- Work collaboratively with stakeholders to embed security considerations into day‑to‑day operations.
- Communicate complex security issues in accessible, practical language to non‑technical colleagues.
- Promote security awareness and contribute to upskilling activities within IT and the wider organisation.
6. Continuous Improvement & Team Development
- Contribute to improving cybersecurity processes, tooling and automation opportunities.
- Participate in knowledge‑sharing activities, retrospectives and capability development across the Digital team.
- Help shape the evolving operating model for cybersecurity as the WRA expands its digital footprint.
Candidate Information Session
If this seems like a role you'd be interested in, join us for our virtual Candidate Information Sessions. You'll meet the Line Manager and get an overview of the role as well as a feeling for what it's like to work at the WRA. We'll also talk through our benefits and provide helpful tips for your application with us. Please register for one of the sessions below:
Register here: 1 July 2026 12.30-13.00pm https://uwchddadansoddwrseiberddiogelwchseniorcybersecurityanalyst1230.eventbrite.co.uk
Register here: 1 July 2026 4.00-4.30pm https://UwchDdadansoddwrSeiberddiogelwchSeniorCyberSecurityAnalyst4pm.eventbrite.co.uk
We recommend you review the job description (or candidate pack) under the 'attachments' section before completing your application.