Cyber Security Analyst

Our organization is recruiting for a Cyber Security Risk Analyst to join a growing team on a permanent basis. This role requires 1 day per week onsite. The Cyber Security Risk Analyst will be responsible for establishing and maintaining a strong security posture across the organization. The team defines security strategies, frameworks, and controls, and ensures their effective implementation to protect information assets and manage security risks.

Responsibilities

• Act as a primary point of contact for information security matters related to service delivery and operational activities.
• Promote awareness and understanding of information security principles, policies, and processes across the organization.
• Identify, assess, and monitor information security risks in collaboration with risk owners, ensuring appropriate controls are applied throughout the service and system lifecycle.
• Evaluate the effectiveness of information security controls and ensure alignment with organizational policies, regulatory obligations, and recognized industry standards.
• Develop, maintain, and improve information security policies, standards, and procedures.
• Support third-party risk management activities, including defining and assessing security requirements for suppliers and outsourced services.
• Lead or contribute to security initiatives and improvement projects, working with cross-functional teams to enhance security processes and increase automation where appropriate.

Skills / Experience Required

• A degree in computer science, information technology, or a related discipline, or equivalent professional experience.
• 5+ years of experience in information security or related IT roles, with strong exposure to risk management, security frameworks, and control design.
• Broad knowledge of information security technologies, architectures, and operational processes, including information security management systems and industry standards (e.g. ISO 27001, COBIT, DORA, NIS2).
• Experience working with data, reporting, automation, or AI-enabled tools to support security processes.
• Experience managing or assessing security risks associated with third-party suppliers, cloud services, and outsourced environments.
• Proven ability to manage projects and influence stakeholders in complex organizational environments.
• Strong communication skills, with the ability to produce clear, professional documentation and communicate effectively with technical and non-technical audiences.

Benefits

Hybrid Working - Only 1 Day per week required on site

Healthcare

Bonus

Childcare Allowance

Pension

Sub Canteen