IT Security Analyst

Overview

We are seeking an experienced and proactive IT Security Analyst to join our team and play a key role in protecting systems, data, and communities from evolving cyber threats. This is an exciting opportunity to help shape and strengthen the organisation’s information security approach within a purpose-driven environment.

This hands-on role will focus on designing, implementing, and operating security controls across infrastructure, endpoints, and cloud services. You will be responsible for day-to-day security operations, including threat monitoring, vulnerability management, incident response, and risk mitigation, while acting as a key escalation point for security-related incidents and concerns.

Working closely with IT, Digital, and Information Governance teams, you will help ensure systems and services are secure by design and compliant with recognised standards including Cyber Essentials Plus and the NHS DSP Toolkit.

This role offers the opportunity to make a real impact by embedding security best practices across projects, operations, and organisational culture.

Key Responsibilities

Security Operations & Monitoring

• Monitor, detect, investigate, and respond to security threats and incidents across infrastructure, systems, endpoints, and cloud services
• Manage vulnerability assessments, remediation activities, and security patching processes
• Operate and improve security monitoring and alerting tools
• Support incident response activities and act as an escalation point for security-related issues
• Assist in the development and maintenance of security controls and technical standards

Governance, Risk & Compliance

• Support and maintain compliance with Cyber Essentials Plus, NHS DSP Toolkit, and other relevant security standards
• Contribute to the ongoing development and improvement of the Information Security Framework
• Assist with internal and external audits, risk assessments, and compliance reporting
• Support business continuity and disaster recovery planning activities
• Help identify, assess, and manage information security risks across the organisation

Collaboration & Stakeholder Engagement

• Work collaboratively with IT, Digital, and Information Governance teams to ensure security is embedded into projects and operational activities
• Provide practical and proportionate security advice to colleagues, volunteers, and stakeholders
• Promote security awareness and contribute to building a positive security culture across the organisation
• Support continuous improvement initiatives relating to cyber security processes, controls, and best practices

Candidate Requirements

Essential Skills & Experience

• Previous experience in an IT Security Analyst, Cyber Security Analyst, or similar information security role
• Strong understanding of cyber security principles, frameworks, and best practices
• Experience managing security operations, including:
• Vulnerability management
• Threat detection and monitoring
• Incident response
• Endpoint and cloud security
• Knowledge of Microsoft 365 and cloud security environments
• Experience supporting compliance with standards such as Cyber Essentials Plus and/or NHS DSP Toolkit
• Understanding of security risk management and governance principles
• Ability to communicate technical information clearly to both technical and non-technical audiences
• Strong problem-solving and analytical skills
• Ability to work collaboratively across multiple teams and stakeholders

Desirable Skills & Experience

• Experience within healthcare, charity, public sector, or regulated environments
• Familiarity with SIEM, endpoint protection, and vulnerability management tools
• Understanding of networking, firewalls, identity management, and access controls
• Relevant certifications such as:
• CompTIA Security+
• CISSP
• CISM
• Microsoft Security certifications
• CEH or equivalent