Cyber Security Analyst (Architecture)

This role will sit within our Cyber Architecture team, ensuring secure design and strategic decision-making. You will collaborate closely with architects and engineers to embed security principles and policies into new systems and services, ensuring robust, scalable, and secure solutions across both IT and OT environments. You will contribute to the creation and management of a cyber security roadmap, ensuring Anglian Water remains resilient to threats. The Cyber Security Analyst is a pivotal member of the cyber security team, responsible for translating the organisation's cyber security strategy into effective protection across both IT and OT environments. Working across multiple domains-including Governance, Risk & Compliance (GRC), Security Operations (SecOps), Architecture, and Identity-the analyst will be deployed into a specific function based on organisational needs and emerging threats. Over time, analysts will have the opportunity to rotate between these domains to develop broad and well-rounded cyber security expertise. As a primary operational resource, the Cyber Security Analyst plays a key role in delivering day-to-day security activities, supporting incident response, assessing risks, and operating technical controls. The role also contributes to the secure design and implementation of new systems and services, ensuring the organisation maintains a strong security posture. This is a diverse and hands-on position, offering exposure to a wide range of security activities across both operational technology (OT) and information technology (IT) environments. Success in the role requires a strong technical foundation, analytical thinking, and a collaborative mindset, as the analyst will work closely with colleagues across IT, OT, and wider business functions. Whether managing security controls, supporting audits and compliance reviews, or influencing secure architecture decisions, the Cyber Security Analyst will play a central role in strengthening the organisation's cyber resilience and maturity. What will you be doing?

• Carry out assessments of cyber security controls across the business and with third-party suppliers, producing clear reports and action plans.
• Identify and communicate cyber risks, recommending practical mitigations and tracking remediation progress.
• Support audits, penetration testing, vulnerability assessments, and overall compliance with regulatory requirements.
• Produce high-quality dashboards and reports for senior leaders and governance forums.
• Act as a key point of contact with regulators such as DWI and NCSC.
• Promote a culture of continuous improvement by sharing insights and championing innovation across teams.
• Collaborate with colleagues across IT, OT, and wider business functions to align cyber activity with strategic objectives.
• Engage with industry peers to benchmark performance and bring in best practice.
• Contribute to the development, maintenance, and rollout of cyber security strategy, policies, standards, and guardrails.
• Work with technical and non-technical teams to embed cyber requirements into new systems, services, and architecture decisions.
• Provide cyber expertise into projects, ensuring secure design, appropriate risk assessments, and testing.
• Support Security Operations by assisting investigations, raising incidents, coordinating with SOC teams, and improving operational security controls.
• Assist with incident response activities-including detection, response, and recovery-to minimise impact on critical services.
• Monitor security services and support continuous improvement to enhance overall security posture.

We’re looking for a highly capable and motivated Cyber Security professional who combines strong technical knowledge with excellent interpersonal skills.

You’ll bring:

• A degree (or equivalent experience) and formal cyber/IT/OT qualifications such as CySA+, Security+, CISSP or CISM.
• A solid understanding of threat, risk assessment and risk management principles.
• Strong knowledge in IT, OT, or cyber security, with a broad understanding across the wider cyber landscape.
• Awareness of core networking concepts such as TCP/IP.
• Natural curiosity and logical problem-solving ability.
• High integrity, with the discretion required when handling sensitive information.
• The ability to build effective relationships with both highly technical colleagues and non-technical users.
• A calm, composed approach under pressure.
• A self-motivated, determined mindset with strong attention to detail.

Anglian Water is not your typical water company. What we do really matters. Water is the lifeblood of our world and we’re proud of the difference we make. We put people at the heart of our business, and we truly love what we do! If you’re passionate about what you do and would like to make a difference, then we’d love to hear from you.

• 26 days leave, rising with service + Bank Holidays, with the option to swap Christmas and Easter holidays for those celebrated by your religion
• A flexible working culture
• Competitive pension scheme - we double-match your contributions up to 6%
• Bonus Scheme