Cyber Security

IT & Cyber Risk Analyst
Role Overview:
We are seeking a proactive and detail-oriented IT & Cyber Risk Specialist to support CICL’s Head of Risk, Compliance & Business Assurance. This role plays a key part in ensuring the company prioritizes customer-centric outcomes, operates within its defined risk appetite, and maintains robust control over its own operations and those of key outsourcing partners.
The successful candidate will also support the Risk and Compliance Function Holders in fulfilling the company’s risk and compliance obligations, with a particular focus on IT security and cyber risk management.
Key Responsibilities:

• Provide IT support and manage referrals to CICL’s IT Service Providers.
  
  
• Collaborate with external Service Providers and Third Parties to maintain CICL’s network and infrastructure.
  
  
• Ensure the availability and resilience of the company’s IT infrastructure.
  
  
• Identify and resolve IT faults effectively.
  
  
• Review and assess weekly SIEM, Microsoft, and other security reports, recommending actions where needed.
  
  
• Serve as the primary internal contact for the Security Concierge SIEM team.
  
  
• Continuously evaluate the company’s security posture against industry standards such as Cyber Essentials and CIS controls.
  
  
• Assist in the identification, management, and mitigation of IT and cyber risks.
  
  
• Ensure compliance with internal IT security policies, frameworks, and procedures.
  
  
• Track and manage IT and cyber security controls, including inactive user monitoring and audit trail availability.
  
  
• Oversee remediation actions from vulnerability and penetration testing.
  
  
• Conduct scenario testing to support Important Business Services and Business Continuity requirements.
  
  Key Competencies:
  
  
• Strong planning and prioritization skills
  
  
• Commercial awareness
  
  
• Customer-focused approach
  
  Required Skills & Knowledge:
  Essential:
  
  
• Understanding of IT hardware, networks, and infrastructure.
  
  
• Awareness of IT and cyber security principles.
  
  
• Experience working with Microsoft Office 365.
  
  
• Strong analytical, written, and verbal communication skills.
  
  
• Ability to prioritize tasks and manage workloads effectively.
  
  Desirable:
  
  
• IT security or cyber-related qualification.
  
  
• Experience with IT infrastructure, including servers, Active Directory, switches, and firewalls.
  
  
• Familiarity with on-site, off-site, and cloud backup solutions.
  
  This role offers an exciting opportunity to contribute to the company’s IT and cyber risk strategy while developing expertise in a dynamic and regulated environment