Cyber Security Analyst (Band 7) - IT and Data Services - Provide CIC

Provide CIC
Colchester
3 days ago
Create job alert

The Cyber Security Analyst is responsible for the identification and handling of threats, both internal and external, to the security of Provide and Provide group companies. The Cyber Security Analyst will be expected to research and identify cutting edge techniques and technologies which will strengthen the organisation’s cyber security position.

The Cyber Security Analyst will work closely with the Technology Security and Cloud Lead and Director of IT & Systems to ensure all areas of the Environment are maintained and developed to high standards, security is of the highest priority and part of the role will be to analyse gaps, recommend and implement improvements.

A strong knowledge of security hardening techniques, exploit mitigation and security incident management is essential and will be utilised when planning upcoming projects and BAU activities.

Main duties of the job

  1. Provide strategic and technical expertise to design, implement, and manage advanced cybersecurity solutions.
  2. Analyse security events and investigate security alerts, resolving or escalating appropriately.
  3. Document security incidents, identifying process and tooling improvements.
  4. Conduct security assessments through vulnerability testing and risk analysis.
  5. Perform root-cause analysis of security breaches.
  6. Develop and refine incident response playbooks.
  7. Utilise threat intelligence to identify attack scale, type, and affected systems.
  8. Act as primary contact for logging and managing security incidents and events.
  9. Assist with internal and external audits, preparing required information.
  10. Create and maintain security procedure manuals.
  11. Promote cybersecurity awareness across the organisation.
  12. Stay informed about legal, regulatory, and technological cybersecurity developments.
  13. Communicate complex technical issues clearly to technical and non-technical stakeholders.
  14. Use diplomacy and negotiation skills when agreeing priorities with senior management and suppliers.
  15. Deliver technical presentations and training on cybersecurity topics.
  16. Independently plan workload, make decisions, and implement improvements within organisational policies.
  17. Act as lead specialist, resolving complex cybersecurity problems autonomously.
  18. Assist with induction and professional development of junior team members.
  19. Allocate tasks and oversee junior staff workload planning.

Working for our organisation

Provide is a Community Interest Company (social enterprise). We deliver a broad range of health and social care services in the community, and are committed to making sure that they are safe, responsive and of high quality. Provide is owned by its employees and has primarily social objectives. Any profits we make are reinvested into the local community or back into delivering services.

We work from a variety of community settings, such as community hospitals, community clinics, schools, nursing homes and primary care settings, as well as within people’s homes to provide more than 40 services to children, families and adults across Essex, Dorset, East Anglia and the North of England.

A highly respected, award winning health and social care provider. We expect our staff to demonstrate and uphold our values at all times:

Vision:Transforming Lives

Values:Care, Innovation and Compassion

Mission:An ambitious, employee owned social enterprise, growing in size and influence. We transform lives by treating, caring and educating people.

Provide is an equal opportunity employer committed to building a team that represents a variety of backgrounds, perspectives and skills, proud to have LGBT+, Ethnic Minority and Men’s Networks.

We welcome applicants from underrepresented groups. If you have the skills and experience for the job, please apply regardless of your background.

Detailed job description and main responsibilities

Operational or Strategic Responsibilities

  1. Provide analytical, strategic, and technical skills to design, develop, implement, and use state-of-the-art technology cybersecurity solutions aimed at reducing risk.
  2. Analysing security event data arising from activity across the organisation with the goal of detecting malicious activity.
  3. Investigating security alerts and incidents generated by security tools within the organisation, resolving or escalating as appropriate.
  4. Producing documentation relating to the processing of alerts and incidents which includes the identification of improvements to processes and/or tooling.
  5. Conducting security assessments through vulnerability testing and risk analysis.
  6. Analysing security breaches to identify the root cause.
  7. Define and mature ‘playbooks’ for response to cyber threats.
  8. Use threat intelligence to pinpoint scale of the attack, the type of attack and systems affected.
  9. Provide incident response for confirmed security incidents.
  10. Be the point of contact for Security incidents, events and requests and ensure all are logged.
  11. Assist with any internal and external audit requirements and collate information as necessary to respond to any queries where appropriate.
  12. Creation and maintenance of procedure manuals.
  13. Promoting Security awareness across the business.
  14. Understand legal & regulatory requirements and procedures in place relating to Security.
  15. Actively remain informed about new and evolving technological and cyber security change, including working towards and obtaining relevant professional certifications.

Communication and Relationship Skills

  1. Use of tact and diplomacy when dealing with customers and suppliers.
  2. Use of negotiation skills when setting and agreeing priorities with senior managers, e.g. when prioritising developments, agreeing system designs or new processes.
  3. Give technical presentations and training on complex IT issues.
  4. Communication of a range of complicated, detailed and difficult to explain multi-stranded IT issues to both peers and non-IT staff and suppliers.
  5. Communication of complex IT issues and solutions with staff at various levels across the trust and to external technical teams, this requires excellent written and verbal communication skills.

Autonomy

  1. Ensure their own training is up to date.
  2. Keep up to date with national guidance and Provide policies, highlighting any required changes to the department’s manager.
  3. Plan own workload and activities to meet project deadlines and provide user support.
  4. Ability to work unsupervised and make decisions without referring to a manager to achieve agreed objectives.
  5. Review, propose, develop and implement processes for own area of work.
  6. Act as a lead specialist in own area of work.
  7. Using knowledge gained through formal learning and work experience to make judgements on how to most effectively resolve IT problems where there may be a range of options.
  8. Work within broad policies and national guidance that may require interpretation due to the complexity and technical nature of the guidance.

Responsibility for Human Resources/Supervision or Management of others

  1. Assist with the induction of new members of staff.
  2. Supporting the development of more junior members of the team.
  3. Deliver training on a range of IT subjects to other members of the IT Team.
  4. Allocates work to more junior members of staff.
  5. Plans workload within own area of work.

Responsibility for Finance/Resources or Budget

  1. Ordering and receipting of IT hardware and software which can often be of high value.
  2. Responsible for the proper and safe use of IT equipment by users.

Use of Information Resources

  1. Responsible for the planning, development, review, update and introduction of IT infrastructure and server related projects, e.g. implementation of new servers.
  2. Ensuring databases are kept up to date and maintained to a high quality, this will include the Configuration Management Data Base.
  3. Entering data into a range of IT systems and auditing this data when required.
  4. Production of reports.
  5. Using analytical skill for the production of statistics on the performance of the department and suppliers for the service managers, these may be circulated to Provide’s board members and Senior Management Team.
  6. Email, telephone and face to face communication with customers and suppliers.
  7. Making modifications and repairs to IT software, hardware and code.
  8. Development of training materials and processes.

Responsibility for Patient Care

There is no responsibility beyond ‘incidental contact’ with patients.

Person specificationQUALIFICATIONS & EDUCATION

  1. Educated to Degree level (Alternatively significant level of experience working at a similar level in a specialist area. Plus, recognised qualification such as ECSA or equivalent cyber security experience. Evidence of professional and/or personal development.
  2. ITIL foundation certificate or higher
  3. Obtained or working towards any of the below or equivalent: CEH CISM CISSP OSCP CASP+

WORK RELATED KNOWLEDGE & EXPERIENCE

  1. Understanding of vulnerability management and related management tools.
  2. Good knowledge of OWASP top 10
  3. Understanding of penetration testing methodology and related tools and techniques
  4. Ability to perform web application vulnerability assessments
  5. Understanding of server, client and network technologies.
  6. Understanding of attacker techniques, from post-exploitation to full system compromise and lateral movement.
  7. Understanding of defender techniques.
  8. Ability to perform internal security assessments.
  9. Network Threat Protection and response / reporting.
  10. PowerShell scripting
  11. Azure and AWS administration
  12. M365 administration and security
  13. Good knowledge of firewalls and networking
  14. Familiar with Kali OS
  15. Familiar with Linux based OS’s
  16. Experience with Bloodhound, Sharphound, NMAP and other security tools.
  17. Experience with log management and SIEM
  18. Experience of threat hunting
  19. Experience creating security assessment reports and documentation.
  20. Incident response reporting experience

FURTHER INFORMATION:

How will we contact you?

  1. All correspondence for this post will be by email or text messaging. Please register for text messages on your TRAC account. Applicants are advised to check their email accounts regularly to ensure that email filters are set to allow our mails.
  2. As we often have many applicants for jobs at Provide, we regret that we will only be able to contact those external applicants who are shortlisted for interview. Therefore if you have not heard from us within 2 weeks of the closing date, then please assume you have not been shortlisted for interview on this particular occasion. Internal candidates who are unsuccessful can seek feedback from the recruiting manager.
  3. If you wish to contact the Recruiting Manager about the vacancy/role or for feedback after interview, their details are provided within the advert.

Checking progress on your application?

To check progress on your application, please log into yourTRACaccount. We aim to keep you updated on the status of your application as soon as we can.

Closing Date

Provide reserves the right to close this vacancy at any time or bring forward the closing date should it have an overwhelming response. We therefore encourage an early application to ensure consideration for this post.

Professional UK clinical registration required for the role?

If we require you to hold UK professional clinical registration to undertake a role we appoint you to, Provide will pay for your registration during the first year of your employment.

Provide CIC continues to encourage all colleagues to ensure they have been double vaccinated and received a booster vaccination.

We recognise taking the vaccine provides the best defence against COVID 19 for our patients, service users, customers, fellow colleagues, and their families.

Our staff have been trained in 'Anti-Fraud' and will use technology to examine identity/immigration documents.

Disability

If you have a disability and need assistance or more time to complete your application or attending interview, please contact a member of the HR Services Team on or .

Work Trials

Please check with your local Job Centre Plus to see if you are eligible for a Work Trial. If you are interested in trying this job first, please contact the HR Services team and we can help you make the arrangements with the Job Centre and the Recruiting Manager.

We are committed to equal opportunities, flexible working practices and the National Living Wage.

SuccessfulApplicant:

You will be required to bring all your documentation to your interview to show the recruiting manager and again at your pre-employment appointment with the Recruitment Co-Ordinators.

The information that you provide will be treated confidentially. If you fail to provide all of the information, Provide may not be able to fulfil our contractual obligations to you or may be prevented from complying with our legal obligations.

Employer certification / accreditation badges

This post will require a submission for Disclosure to be made to check for any unspent criminal convictions.

#J-18808-Ljbffr

Related Jobs

View all jobs

Cyber Security Analyst

Cyber Security Analyst

IT Security Analyst

Cyber Security Analyst - Luton

Cyber Security Analyst

Cyber Security Analyst

Get the latest insights and jobs direct. Sign up for our newsletter.

By subscribing you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

Jobs

Cyber Security vs. Ethical Hacking vs. Security Analysis Jobs: Which Path Should You Choose?

In an era where data breaches, ransomware attacks, and sophisticated digital threats dominate headlines, the demand for skilled cyber security professionals has never been higher. From global corporations to small businesses, organisations are scrambling to protect their systems, networks, and data from malicious actors. If you’ve been exploring cyber security jobs on www.cybersecurityjobs.tech, you’ve likely encountered various specialised roles—Ethical Hacking (often termed Penetration Testing), Security Analysis, Security Architecture, Incident Response, and more. Yet many job seekers and technology enthusiasts are unsure how these fields overlap or which one is right for them. In this in-depth guide, we’ll demystify three core disciplines—Cyber Security, Ethical Hacking, and Security Analysis—outlining the skills each requires, the responsibilities you can expect, salary ranges in the UK, and typical day-to-day activities. By the end, you’ll have a clearer understanding of these roles, helping you decide which path to pursue in this fast-growing industry. And when you’re ready to take the next step, head over to www.cybersecurityjobs.tech to explore the latest openings and find your perfect match.

Careers

Cyber Security Programming Languages for Job Seekers: Which Should You Learn First to Launch Your Security Career?

Cyber security has become a top priority for companies of all sizes, public institutions, and governments. As cyber threats evolve—from sophisticated ransomware attacks to large-scale data breaches—employers are eager to recruit talent with the skills to detect, prevent, and respond to security incidents. If you’re exploring roles on www.cybersecurityjobs.tech, a key question inevitably arises: Which programming language should you learn first for a career in cybersecurity? Cyber security is a multifaceted domain encompassing network security, application security, reverse engineering, digital forensics, ethical hacking (penetration testing), and more. Each niche may have unique language preferences—like Python for scripting tasks, C/C++ for exploit development, or Rust for building secure low-level tools. In this article, we’ll: Highlight the top programming languages used across cyber security. Break down pros, cons, and key use cases for each language. Present a simple beginner’s project for hands-on learning. Share essential resources and tips, so you can stand out in the competitive cybersecurity job market.

Jobs

UK Visa & Work Permits Explained: Your Essential Guide for International Cyber Security Talent

Cyber security is one of the fastest-growing fields in today’s digital age. As cyber threats proliferate—ranging from data breaches and ransomware attacks to sophisticated nation-state incursions—organisations worldwide are investing more than ever to protect their systems, networks, and customer data. The United Kingdom, in particular, is emerging as a hub for advanced cyber defence, AI-driven threat detection, and compliance consulting. For international cyber security professionals, the UK offers a wealth of career opportunities, spanning financial services, government contracts, tech start-ups, and global corporations. However, stepping into the UK’s cyber security job market requires a clear understanding of the country’s visa and work permit processes. If you are an international candidate with expertise in areas like intrusion detection, penetration testing, or security architecture, navigating these immigration pathways can be daunting. This article aims to demystify the visa process—highlighting key routes, eligibility criteria, and practical tips—to help you seamlessly transition into the British cyber security ecosystem.

🍪 We use cookies to enhance your browsing experience on our website. By continuing to use this site, you consent to the use of cookies as described in our Cookie Policy. You can review our Cookie Policy for more information.