Senior Security Analyst

We are looking for an enthusiastic and detail-orientedSenior Security Analystto join our growing information security and data protection team.

TheSenior Security Analystis an experienced security professional responsible for performing more advanced security and data protection tasks with a higher level of autonomy. In this role, you will be responsible for conducting comprehensive security and data protection assessments, overseeing vulnerability management, developing and updating security and data protection policies, reviewing configurations, and providing expert guidance to the organization. You will be expected to operate with minimal supervision and mentor junior analysts as needed.

This is a full-time position with some mentoring responsibilities. Occasional after-hours work may be required for incident response or urgent security tasks.

Successful candidates will be enrolled on a fully funded level 6 Cyber Security Risk Analyst apprenticeship and will be provided with mentoring support to help you grow and learn. Upon successful completion of the level 6 qualification, it is anticipated that you will be able to progress to a fully funded level 7 qualification (MSc) in Cyber Security.

Responsibilities:

1. KPI Reporting & Metrics Analysis:
   • Lead the accurate tracking of KPIs related to security and data protection performance and risk management.
   • Analyse data to identify trends, areas of improvement, and potential security and data protection risks.
   • Prepare detailed reports for management and advise on mitigation strategies.
2. Lead Security Assessments:
   • Perform risk assessments, vulnerability assessments, and commission penetration tests with minimal supervision.
   • Prioritize and manage findings, providing actionable recommendations for remediation.
   • Conduct security and data protection audits and collaborate with IT and development teams to identify weaknesses.
   • Completes security and data protection assessments from clients.
3. Policy & Standards Development:
   • Develop and update security and data protection policies, procedures, standards, and guidance to align with industry best practices and regulatory requirements.
   • Review policies and provide recommendations for improving the organisation's security and data protection posture.
   • Supports the implementation of privacy policies and ensuring privacy by design and by default in company operations.
   • Helps with data mapping, DPIAs (Data Protection Impact Assessments).
4. Configuration Reviews:
   • Conduct detailed configuration reviews of systems, networks, and applications.
   • Work with cross-functional teams to ensure that security configurations meet established standards.
5. Vulnerability Management:
   • Oversee the identification and remediation of vulnerabilities across systems.
   • Coordinate vulnerability scanning, patching, and remediation efforts with internal teams.
   • Provide leadership in addressing critical vulnerabilities and mitigating risks.
6. Incident Response:
   • Support the incident management leads, helping to coordinate the response to security incidents, including data breaches, system compromises, or attacks.
7. Application Security:
   • Work with development teams to embed secure coding practices.
   • Conduct regular security assessments of the company’s software, including the proprietary products sold to clients.
8. Collaboration & Communication:
   • Provide security and data protection guidance to internal stakeholders, ensuring security considerations are incorporated into development and operational practices.
   • Participate in ongoing security and data protection awareness training initiatives.
   • Mentor and support junior analysts, assisting in their professional development.

Minimum Requirements:

• Level 4 qualification in Cybersecurity, Information Technology or a related field, or equivalent experience.
• 2-4 years of experience in information security or a related field.
• CompTIA Security+, Cisco CCNA, CISMP, or other entry-level certifications are preferred, but not essential.
• Proven experience with security assessments, vulnerability management, risk mitigation, and security incident response.
• Strong technical expertise in security tools, technologies, and methodologies.
• In-depth knowledge of security frameworks and best practices (e.g., NIST, ISO 27001).
• Ability to work autonomously and manage multiple tasks simultaneously.
• Exceptional problem-solving, investigative, and analytical abilities.
• The adaptability to do a range of work, sometimes complex and non-routine, in different environments.
• The ability to work under direction, use discretion, and determine when to escalate issues.
• Strong written and verbal communication skills, with the ability to interact effectively with both technical and non-technical stakeholders.

Work’s a treat!
On top of a competitive salary, you can expect a whole load of perks:

• 25 days’ holiday + bank holidays– we understand the importance of you getting some downtime.
• Annual Wellbeing Day– enjoy an additional day on us to look after your physical and mental wellbeing.
• Pension Scheme– helping you save towards your retirement home in the sun!
• Corporate Medical Cash Plan– claim back the cost of your medical treatments.
• Smart Working Options– spend up to 40% of your working week from home.
• So many savings– through our online community platform, you can access dozens of daily deals, from money off top brands to discounts on days out.
• Employee Assistance Programme– our people are at the heart of everything we do, so if you’re happy, we’re happy.
• Cycle to Work Scheme– save on the cost of biking to work.
• Monthly Employee Awards- Employee of the Month programme with £250 bonus.
• Raising money for charityincluding a paid Volunteer Day – we’re all about giving back… and having lots of fun in the process!
• Referral scheme– know the perfect person to join the team? You could bag £1,500 for putting a good word in.
• Wellbeing Programme– giving you the opportunity to join regular, interactive Wellbeing Workshops or join our 30 plus Wellbeing Champions.
• Enhanced Family Friendly Leave– support for you and your family to help you navigate through the craziness of family life.

We Value Diversity

We champion and welcome diversity in our workforce and ensure all job applicants receive equal and fair treatment, regardless of age, race, gender or gender identity, religion, sexual orientation, disability, or nationality.

We are not only committed to increasing the visibility and recognition of talent from under-represented groups within our organisation, but the wider industry too.

At the end of the day, we make sure we take time to look after ourselves, each other, and the planet, because we’re always stronger together.

ITG have a number of community groups (ERGs) available to employees which offer a safe space for like-minded colleagues, with shared interests to connect, socialise and check in with each other. These include Black ITGers Together, LGBTQ+ Together, Mens Health Together, Muslims Together, Neurodiversity Together, Working Parents and Carers Together and Women In Tech Together.

What next?
If you found yourself interested in knowing more, drop us your application and someone from our team will be in touch.

#J-18808-Ljbffr