Security Analyst

The Security Analyst will play a key role in protecting the organisation's sensitive and proprietary information. They will work across departments to identify weaknesses in security systems, processes and controls, recommending and supporting improvements that strengthen the overall security posture. They will support the Information Security Team by ensuring that cyber and information security controls are implemented effectively and appropriately to safeguard the organisation's information assets., * Support the delivery and continual improvement of the Security Improvement Programme, Business Continuity and Disaster Recovery initiatives, and the Information Security Management System (ISMS).

• Plan, coordinate and follow up on security assessments, including penetration testing, internal audits, supplier reviews and assurance activities.
• Investigate security incidents, document findings, identify root causes and track remediation actions.
• Contribute to information security risk management and Third-Party Risk Management, providing proportionate, risk-based guidance across the business.
• Maintain accurate documentation, reports and evidence to support compliance, governance and assurance requirements.
• Collaborate with technical teams, business stakeholders and third-party partners, promoting strong security practices and awareness.

• Strong understanding of Information Security principles, Governance, Risk & Compliance (GRC), and awareness of cyber threats, vulnerabilities and common control failures.
• Experience with penetration testing coordination, risk management and third-party risk processes.
• Background in information security, technology risk, audit or assurance, with exposure to Business Continuity and Disaster Recovery programmes.
• Familiarity with ISO 27001 and ideally other frameworks such as NIST or CIS.
• Excellent communication, planning and organisational skills, with the ability to build strong relationships across teams and external partners.

NOTE: At SCC, we take the privacy and security of your information very seriously, any information we hold will be by current data protection legislation. Upon submitting your application SCC will process your information in line with our privacy policy which can be found on our website under the Legal section -> Privacy Notice -> Flexible Resourcing