Cyber Security Analyst
Job description
This organisation is seeking a pragmatic, hands-on Cyber Security Analyst to help mature their security function.
This role will work closely with an outsourced SOC provider and internal teams to triage and investigate security events, support supplier security assurance, provide risk-based advice across the organisation, and drive automation of security processes and tooling. This is a hands-on role suited to someone who enjoys problem-solving, working across teams, and improving how security is delivered in a complex, mission-driven organisation.
Key Areas of Responsibility:
Security Monitoring & Incident Support
- Act as the internal focal point with the outsourced SOC provider - ensuring effective communication, follow-up, and escalation of alerts.
- Triage, investigate, and support resolution of security events and incidents.
- Contribute to lessons learned and improvements following incidents.
- Lead the instantiation of the Cyber Security Incident Response Team (CSIRT) and associated processes and playbooks
Supplier & Third-Party Security
- Assess cyber security risk for key suppliers and partners.
- Review supplier security documentation, raise concerns, and help negotiate security requirements.
Risk & Advice
- Provide pragmatic, risk-based security guidance to internal teams and respond to ad-hoc queries.
- Help develop and maintain security standards and processes that reflect organisational risk tolerances.
- Advise system owners and project managers on pen testing approach and scope
- Run simulated phishing campaigns and produce security awareness communications
Automation & Process Improvement
- Identify and implement opportunities to automate security detection, response, reporting, and remediation workflows.
- Work with the SOC and internal technical teams to refine alert logic, improve data quality, and reduce manual effort.
- Help optimise security tools (e.g., SIEM, EDR, ticketing, dashboards).
General
- Develop and produce regular Security reports for senior management.
- Monitor and respond to queries in group mailbox.

- Efficient, risk-focused handling of alerts & incidents alongside the SOC partner.
- Clear, up-to-date internal security standards and processes.
- Reduced manual effort through practical automation improvements.
- Strong supplier security assurance controls supporting risk-based decision-making.

- This role will be home-based with occasional travel to the employer's head office or other UK locations (generally one/two days per month).
Requirements
- 5 years' experience in a cyber security, IT security, or technology risk role
- Practical, demonstrable experience of working with a SOC (internal or outsourced) and investigating cyber security incidents using best practice methodologies and tools
- Good understanding of cyber risk concepts, controls, and technical security tools.
- Strong communication skills with both technical and non-technical stakeholders and experience producing communications materials and reports
- Relevant security certifications/qualifications (e.g. CISSP, SSCP, GCIA, CEH, CompTIA)
- Knowledge of UK best practice frameworks (e.g., NCSC guidance, PCI DSS, ISO 27001, Cyber Essentials).
- Scripting or practical automation experience.
- Experience assessing third-party/supplier security risk.
- Demonstrated passion for and experience in improving security processes and utilising automation to achieve this
- Experience with threat hunting and horizon scanning
- Strong technical security knowledge of networking technologies, IDAM, EDR/XDR
- Experience supporting security and compliance audit activities

- Pragmatic and solutions-focused, with an ability to balance risk and usability
- Curious and motivated to improve and automate how security operates
- Comfortable working in a developing security function where processes are evolving
- Collaborative and supportive, with a strong sense of ownership
- Aligned with the values and mission of the organisation
Benefits & conditions
- This is a permanent, full-time role for 37.5 hours per week.