Cyber/ Information Security Analyst

Initially as the Cyber Security Lead you will conduct a comprehensive assessment of the cybersecurity posture through gap analysis, and develop an improvement program to address identified areas. Lead all cybersecurity-related initiatives, collaborating with the Enterprise Architect to ensure the protection of systems and data. Ensure senior stakeholders are informed of relevant risks and issues, utilizing appropriate governance processes for effective communication and decision-making. Key Skills & Experience A minimum of 5 years of relevant experience in ICT Security or a Technical ICT environment. Solid understanding of national and international standards such as Cyber Essentials, ITIL, ISO 20000, and ISO 27001, as well as NCSC (National Cyber Security Centre) principles. Capable of analysing and assessing security threats and vulnerabilities to systems, services, or processes, using external threat intelligence or expert advice (eg, from the National Cyber Security Centre). Proven experience in risk management, issue resolution, and dependency management, with the ability to communicate these clearly within a formal governance framework. Strong time management skills Proficient in working across multidisciplinary teams and fostering strong relationships with colleagues. Excellent stakeholder management and relationship-building skills, with the ability to communicate effectively in writing and verbally to influence and engage diverse audiences. Adept at conducting applied research to identify, evaluate, and address new or unknown security vulnerabilities and weaknesses. Expertise in collecting, processing, and classifying threat data to make it actionable for others. Experience conducting security audits against established cybersecurity standards, performing gap analysis, and recommending remediation actions. Capable of participating in security audits against recognized cybersecurity standards, identifying gaps, and providing recommendations for improvement. Experience developing incident response plans for approval within structured governance arrangements. Proficient in analysing data from various sources (eg, log files, digital monitoring tools, SIEM) to inform decisions and provide actionable recommendations. Knowledge Strong understanding of key national and international standards, including Cyber Essentials, ITIL, ISO 20000, ISO 27001, and NCSC principles. Commitment to promoting equality and diversity. Familiarity with Health and Safety legislation and best practices, and how they apply in the workplace. Awareness of where to access the latest best practices for enhancing cybersecurity to ensure continued effectiveness of defences. Knowledge of common security architectures and methodologies. Qualifications Essential/Desirable Degree/NVQ level 6 education (or equivalent) Certified Ethical Hacker Systems Security Certified Practitioner (SSCP) Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) certification Certified IT Infrastructure Library (ITIL) Practitioner