Cyber Security Analyst
Manchester (Hybrid- Office visit once every 2 weeks)
£40,000-£50,000 with Fantastic Benefits
Are you a motivated Cyber Security Analyst looking for your chance to join an exciting & rewarding organisation? This is an exciting opportunity for someone who is looking to develop their career within the security space.
As part of the Cyber Security team, the purpose of this role is to protect the organisation's systems and information by recommending controls in line with our Information Security Framework and ensuring controls are implemented and remain effective by performing compliance checks.
The company itself is a non-for-profit public body within the medical industry. The company works to protect patient safety and improve medical education and practice across the UK. This is achieved by working with doctors, employers, educators and patients to achieve high standards of care. The company culture focuses on 5 key values (Integrity, Excellence, Collaboration, Fairness and Transparency) which create a supportive and inclusive work environment. It is a fantastic opportunity to join the growing team and know that your contributions really do make a difference.
The core elements of the role are supporting the management of cyber security at the organisation by:
- Ensuring compliance with and contributing to our information security policies and procedures.
- Performing information security reviews of third-party suppliers and their services to the organisation.
- Managing and maintaining compliance checks in line with the information security framework.
- Managing, investigating, recording and analysing reported security incidents and access requests.
- Providing information security training and guidance to colleagues and maintaining awareness of the global IT security climate
- You will be responsible for performing security assessments of potential third-party suppliers as part of our Procurement process to ensure new and existing products and services are compliant with our Information security standards.
- As part of your role, you will implement new security compliance controls and maintain evidence logs of existing controls within the information security controls framework.
- Carrying out detailed analysis of statistics, system logs, procedures and practices to ensure compliance with policies and the information security controls framework.
- You will be responsible for investigating reported security incidents and staff access requests, ensuring they are processed in line with the relevant procedures and service level agreements.
- As part of your role, you will produce management reports based on the analysis of reported security incidents and other information security related information and statistics.
- Contributing to our information security audits, risk assessments and third-party information security due diligence reviews.
- Supporting the development of systems and processes to promote excellence in information security, ensuring the organisation complies with ISO 27001, BS 10008, NHS DSP Toolkit, PCI DSS, relevant legislation and best practice.
- Providing training, advice and guidance to staff, contractors and our suppliers to ensure understanding and compliance with our policies and procedures.
- Pro-actively identifying areas for improvement and working with colleagues to implement improvement measures, applying a continuous improvement approach.
- Keeping up to date with information security and cyber security best practice guidance and new threats.
- You will apply and manage the relevant equality, diversity and inclusion policy and practice relevant to the role.
- You will apply the relevant management systems, procedures and policies relating to risk management, health and safety, information security and business continuity.
- Any other reasonable duties as may be assigned from time to time.
- Security standards and best practice, including ISO 27001, CIS Benchmarks, OWASP and NIST Cyber Security framework is essential.
- 2-3 years relevant working experience within an information security related role. Professional qualifications such as ISO 27001 Lead Auditor, CISM, CISRM, CISSP or CRISC are desirable.
- Excellent IT skills and be able to use MS Office Suite products and Electronic Document and Records Management (EDRM)
- Experience of technical security controls associated with the secure implementation of SaaS applications such as M365 is desirable. Similar experience of technical security controls associated with Azure workloads and other cloud services is desirable
- Relevant and up to date understanding of network infrastructures, operating systems, firewalls and web security is essential.
Innovation & Problem-solving skills
- 25 Days Annual Leave
- 15% Pension
- Life Assurance/Private Medical Insurance
- And more…
If you believe that you are a good fit for this role, submit your CV now with a cover letter. We are more than happy to answer queries and help with your journey. This role is a great opportunity for an individual in this field of work who is ready to maximise their potential and reap the rewards that come with the Cyber Security Analyst position.