IT Security Analyst

Responsibilities

Security Strategy andpliance
Develop, maintain, and enforce IT security policies and procedures. Implement security frameworks (currently Cyber Essentials Plus), tailoring them to Oxera's environment. Conduct risk assessments, identify vulnerabilities, and rmend mitigation strategies. Remain informed about emerging threats, technologies, and regulatory developments.
Monitoring and Incident Response
Collaborate with our external SOC/SIEM service to monitor systems and investigate anomalies. Lead the response to security incidents, including root cause analysis and remediation. Produce incident reports and support regular testing of response protocols. Conduct vulnerability assessments and penetration testing, and follow through on remediation.
Training and Awareness
Deliver security awareness initiatives and training for staff. Provide guidance on secure practices and promote a culture of cybersecurity throughout the firm.
Technology and Tools
Evaluate, implement, and support key security tools (, IDS/IPS, endpoint protection, patch management). Ensure consistent application of system updates and patches. Audit and optimise the performance of automated patching and MDM solutions.
Collaboration
Liaise with internal teams and external partners to ensure alignment of security practices with business goals. Serve as the primary contact for security-related issues, escalating when necessary.
Candidate Profile

Essential Requirements
Demonstrable experience in IT roles with a progressive focus on cybersecurity. Strong understanding of cybersecurity principles, technologies, and standards. Experience with security frameworks,pliance, and vendor management. Clear interest and foundational knowledge in cybersecurity, demonstrated through self-study or relevant projects. Excellent written and verbalmunication skills, with the ability to explain technical matters to non-specialists.
Desirable Qualifications
Industry certifications (,pTIA Security+, CEH). Degree inputer Science, IT, or a related discipline (or equivalent experience). Familiarity with cloud platforms (, AWS, Azure) and associated security practices. Experience with Microsoft Sentinel, DUO MFA, Meraki MDM, and ZENWorks. Understanding of the Cyber Essentials Plus accreditation process. Strong analytical and decision-making skills.
Performance Indicators
Reduction in the number and severity of security incidents. High levels of engagement in security training across the firm. Timely and consistent application of security updates and patches.
Department Information Technology Locations London, Oxford, Brussels Remote status Hybrid Job Type Full Time Job ID kODkYpGGa4EV