National AI Awards 2025Discover AI's trailblazers! Join us to celebrate innovation and nominate industry leaders.

Nominate & Attend

Security Analyst

Smith+Nephew
Hertfordshire
1 month ago
Create job alert

Life Unlimited. At Smith+Nephew we design and manufacture technology that takes the limits off living.

At Smith+Nephew we are looking for:Security Analyst

The Security Analyst (Governance & Tooling) is responsible for supporting the governance of secure solution delivery and the operational coordination of architectural security assurance processes across the technology estate. Working closely with security architects, enterprise architects, and IT compliance & delivery teams, the role plays a key part in embedding security architecture principles, design risk reviews, and compliance checks throughout the project lifecycle.

The role coordinates and manages the Enterprise Architecture Risk and Security (EARS) and Technology Design Assurance (TDA) processes, ensuring that security risks, control gaps, and compliance obligations are identified early and addressed effectively. In addition, the postholder supports the maintenance of the enterprise architecture toolset (Capsifi), assisting with security-related data integration, modelling, and reporting.

This role is ideal for someone early in their career in security architecture, technology governance, or enterprise architecture, seeking hands-on exposure to secure design review processes, tooling, and stakeholder engagement in a regulated technology environment.

What will you be doing?

Coordinating risk and security assessments for enterprise architecture to identify potential threats and ensure compliance with security policies and regulations Managing secure design assurance processes, facilitating meetings, tracking actions, and collaborating with senior architects to address security risks Maintaining and enhancing security architecture data in enterprise tools, integrating multiple data sources to provide clear visibility of security posture and risks Creating dashboards and visual reports to highlight architectural risk themes, compliance status, and security metrics for stakeholders Acting as a key liaison between project teams, architects, and governance bodies to ensure smooth security review workflows and process adherence Supporting the documentation and evolution of security architecture, including application risk profiles and compliance frameworks, to guide strategic security planning

What will you need to be successful?

A strong interest or background in security architecture, IT risk, or cybersecurity governance, supported by academic study, training, or relevant experience Solid understanding of key security concepts such as secure design, risk assessment, and control frameworks, with familiarity in tools like ServiceNow, Capsifi, LeanIX, ArchiMate, or Visio Proficiency in handling and preparing structured data (e.g., Excel, CSV) for integration and reporting in enterprise architecture tools  Confident communication skills, able to engage effectively with both technical and non-technical stakeholders Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field, with progress or interest in certifications like TOGAF, SABSA, CompTIA Security+, or CCSK  Experience or familiarity with security design reviews, impact assessments, and managing governance in regulated environments is highly desirable Strong organizational skills, a proactive attitude, and a willingness to learn from senior professionals in security and architecture

You. Unlimited.

We believe in creating the greatest good for society. Our strongest investments are in our people and the patients we serve. 

Inclusion, Diversity and Equity:Committed to Welcoming, Celebrating and Thriving on Diversity, Learn more about our Employee Inclusion Groups on our website

Your Future:annual bonus, life insurance, company stock saving plan

Work/Life Balance:paid volunteering hours, flexible approach

Your Wellbeing:private health care with dental care package, multisport card/my benefit platform

Flexibility:possibility of working in hybrid model

Training:Hands-On, Team-Customized, subsidies for language classes, certifications and postgraduate studies

Extra Perks:referral bonus, recognition program, mentoring program

Related Jobs

View all jobs

Security Analyst

Security Analyst

Security Analyst

Security Analyst

Security Analyst

Security Analyst

National AI Awards 2025

Subscribe to Future Tech Insights for the latest jobs & insights, direct to your inbox.

By subscribing, you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

10 Cyber Security Recruitment Agencies in the UK You Should Know (2025 Job‑Seeker Guide)

UK cyber security hiring remains resilient in 2025, driven by nation-state threats, cloud security investments, and NCSC regulatory pressures. Lightcast reports +42 % YoY growth in UK roles mentioning “SOC”, “cyber risk”, “offensive security” or “GRC”. Yet despite 30,000 active cyber professionals, monthly live vacancies remain in the 2,500–2,900 range. The result: strong demand across public and private sector. We reviewed 50 + consultancies and included only those that: Are registered in the UK (Companies House) Operate a dedicated Cyber Security / InfoSec / Risk & Compliance desk Posted at least 5 UK cyber security roles between March and June 2025 This guide includes 2025 salary ranges, key skills, interview prep tips, and a verified recruiter directory.

Cyber Security Jobs Skills Radar 2026: Emerging Frameworks, Tools & Certifications to Learn Now

Cyber threats are evolving—and so must the people defending against them. As ransomware, AI-enhanced phishing, and supply chain attacks grow more advanced, UK employers are urgently hiring cyber security professionals with the right mix of strategic and hands-on skills. Welcome to the Cyber Security Jobs Skills Radar 2026, your go-to guide for the most in-demand tools, frameworks, certifications, and technologies shaping the UK's cyber workforce. Whether you're a SOC analyst, penetration tester, or cloud security architect, this annual radar is designed to help you stay ahead of the market.

How to Find Hidden Cyber Security Jobs in the UK Using Professional Bodies like BCS, CIISec & More

The demand for skilled cyber security professionals in the UK has never been higher. With threats increasing in sophistication and frequency, organisations are urgently hiring ethical hackers, threat analysts, GRC specialists, and security architects. But many of the most valuable roles—particularly in government, defence, and critical infrastructure—are never publicly advertised. Instead, these jobs are shared behind the scenes through trusted networks, private communities, and professional bodies. In this article, we explore how to uncover hidden cyber security jobs in the UK using organisations like the BCS (The Chartered Institute for IT), CIISec (The Chartered Institute of Information Security), ISACA, and ISC² UK Chapter. We’ll show you how to use membership directories, special interest groups, CPD events and informal networks to gain early access to roles most people never see.