Cyber Security Analyst
Are you a Cyber Security Analyst who thrives on identifying and responding to evolving cyber threats across complex, changing technology environments?
Could you play a key role in strengthening our organisation's security posture by supporting day-to-day cyber operations, vulnerability management, and incident response?
Can you help drive continuous improvement in our cybersecurity capabilities as a Cyber Security Analyst, working closely with teams to enhance resilience and protect critical systems?
You will support the day-to-day delivery of cybersecurity operations, helping to identify, assess, and respond to risks, vulnerabilities, and incidents across our technology estate. This is a hands-on role where you'll work closely with resolver teams across infrastructure, cloud, end user, and applications to strengthen security controls and improve overall resilience.
We're looking for someone with a strong foundation and the right mindset, rather than someone who already has every answer. Curiosity, initiative, and a desire to learn are just as important as existing technical skills.
Collaborating with the Cyber Security Manager, you'll ensure alignment with Governance, Risk, and Compliance (GRC) strategy while contributing to the ongoing development of policies, processes, and controls that protect the organisation from emerging threats. You'll be comfortable working in an environment where standards and processes are still evolving, and where proactive thinking and initiative are key.
Your role
You'll support operational security activities including monitoring, alert triage, and incident response, working alongside internal teams and third-party providers to investigate and resolve security events. You'll play a key role in vulnerability management by reviewing findings, assessing risk, tracking remediation, and reporting on patching performance.
You will also help maintain and optimise security tooling across endpoints, identity, cloud, and email systems, identifying opportunities to strengthen baseline controls and improve configurations. Supporting cloud security across AWS and Microsoft 365, you'll work with technical teams to enforce secure standards and maintain visibility of all cloud services.
Your role will also involve contributing to privileged access management, supporting access reviews, and promoting least privilege principles. Acting as an escalation point for the outsourced SOC, you'll analyse security telemetry, tune detection rules, and contribute to continuous improvement of monitoring and response capabilities.
In addition, you'll assist with incident response activities, support forensic investigations, and help maintain playbooks aligned with Cyber Essentials Plus, ISO 27001, and NCSC CAF guidance. You'll collaborate across teams to embed security into everyday operations, contribute to audits and compliance activities, and support awareness initiatives to build a strong security culture across the organisation.
Experience
Hands-on experience working in a cybersecurity or IT security role, supporting operational security, vulnerability management, incident response, or security monitoring is essential.
You should have some exposure to common enterprise security technologies such as Microsoft Defender, Entra ID, Intune, Microsoft 365 security capabilities, AWS security tooling, SIEM platforms, or similar technologies. We do not expect applicants to be experts in every technology we use, but you should be able to demonstrate a willingness and ability to learn new platforms and concepts.
Experience using vulnerability scanning tools such as Defender, Qualys, Tenable, or similar is desirable, along with an understanding of SOC operations and threat detection methodologies such as MITRE ATT&CK.
You'll have working knowledge of securing cloud platforms including AWS, Azure, or Microsoft 365 using native security tools, and an appreciation of patching processes and security frameworks such as Cyber Essentials Plus, ISO 27001, or NCSC guidance.
Skills and Abilities
An analytical and investigative mindset is essential, along with a strong sense of curiosity and a desire to understand how systems work, how threats emerge, and how security controls can be improved. You'll be comfortable working in time-sensitive situations such as incident response and vulnerability remediation, while maintaining a high level of accountability and professionalism.
You'll be self-motivated and proactive, capable of making progress even when processes, standards, tooling, or documentation are still developing. You'll enjoy solving problems and won't be afraid to help shape new ways of working as the security function continues to mature.
Strong communication skills are essential. You'll be able to clearly explain security risks, vulnerabilities, incidents, and recommendations to both technical teams and non-technical stakeholders, adapting your approach to suit your audience.
You'll also bring the ability to collaborate across teams and influence the adoption of secure practices, alongside strong documentation and reporting skills. An adaptable mindset and a commitment to continuous improvement are key to success in this role.
Equality, Diversity & Inclusion
Belonging is central to who we are. We're committed to building a workforce that reflects the clients we support and creating a culture where everyone feels valued and able to be themselves.
We welcome applications from people of all backgrounds and life experiences. If you need a reasonable adjustment during the recruitment process so you can perform at your best, just let us know. We're here to support you.