Information Security Analyst

Job Title: Security Analyst

Location: Hybrid - remote with occasional travel to FI centres. Volume of travel will be dependent on project schedule.

Reports to: Information Security Manager

Contract Length: Permanent

Founded in 2007 First Intuition (FI) is an award-winning, UK-based provider of

predominantly accountancy training and apprenticeships. We currently have ~ 500 staff

based across 15 physical locations and remotely, but we continue to grow rapidly. In

April 2023, we secured investment from the private equity firm Apiary Capital who

continue to support us in our growth plans, including acquisitions of six First Intuition

franchises over the past two years.

Our success is due to our approach to training and our links with businesses. We work

closely with organisations to precisely understand their needs and incorporate these

into innovative course designs, where the interaction with students is tailored, personal

and reflects their specific circumstances. This approach has led to First Intuition being

awarded an ‘Outstanding’ rating by Ofsted.

We consider ourselves a national provider with locally held relationships. This enables

us to deliver student focussed programmes and build strong relationships with all of

our clients, big or small. With a talented team we are dedicated to fostering a

collaborative and inclusive culture that supports both personal and professional

growth and were voted as one of the Sunday Times Best Places to Work 2024.

To find out more about First intuition please check out our website

here: https://www.firstintuition.co.uk and our Careers Page

here: https://apply.workable.com/first-intuition to find out about who we are, and learn

about the fantastic benefits our employees enjoy.

This role is being created to further support our security operations and enhance our security capabilities in line with the ever-evolving threat landscape as we grow. It is critical to our business model that security risks are proactively identified and managed in line with our risk appetite.

To achieve our goals, we are seeking a skilled Security Engineer. In this pivotal role, you will be joining our Infosec team and working closely with the wider Tech team, system owners, partners and managed service providers to champion secure designing and implementation of systems and infrastructure, proactive identification and remediation of vulnerabilities and optimising existing incident detection & response solutions and other security tools.

We’re looking for a hands-on individual with an ability to not only identify vulnerabilities but also implement solutions.

• Securely manage M365 & Azure resources, implementing comprehensive security policies and initiatives.

• Implement security measures and controls for EUC environments, including endpoint security, access controls, and device management.

• Conduct and oversee regular vulnerability assessments on systems, networks, and applications.

• Identify, analyse, and prioritise vulnerabilities based on risk and potential impact and utilise threat intelligence analysis to determine the risk posed by identified vulnerabilities.

• Collaborate with the IT MSP to develop and implement remediation plans, drive remediation efforts and identify improvements in the vulnerability management program.

• Monitor and track the status of identified vulnerabilities and ensure timely resolution.

• Stay up to date with the latest security threats, vulnerabilities, and mitigation techniques.

• Prepare detailed reports and documentation of findings, including risk assessments and recommendations.

• Contribute to the maintenance of security policies, procedures, and standards.

• Report on patch compliance and vulnerability remediation as a part of our vulnerability management program.

• Leverage Microsoft Defender EDR/XDR and other security tools to monitor, analyse, and respond to security threats.

• Investigate suspicious activity and determine if incidents have occurred.

• Contain and mitigate security incidents to prevent further impact.

• Contribute to the maintenance of incident response strategies, policies and plans.

• Analyse incidents to identify root causes and recommend corrective and preventive measures.

• Develop and maintain incident response playbooks and processes.

• Develop, implement, and optimise security automation processes to improve detection, response, and mitigation efforts

• Ensure security configurations align with compliance frameworks such as ISO 27001, Cyber Essentials Plus, and regulatory requirements

• Degree or postgraduate degree in Computer Science, Cybersecurity, Information Technology, or equivalent industry experience.

• Proven experience with M365 security solutions.

• Proven experience in system configuration and hardening.

• Strong understanding of security best practices.

• Ability to collect, analyse, and interpret data to make informed decisions. This includes critical thinking, logical reasoning, and data analysis.

• Clear and effective communication with stakeholders, development teams, and other cross functional teams to articulate goals.

• Exceptional analytical and problem-solving abilities.

• Excellent verbal, written and interpersonal skills and ability to articulate information.

• Consistency and attention to detail in all written work.

• Relationship building and ability to manage and engage with stakeholders, ensuring alignment on product goals and expectations.

• Flexible and collaborative mindset with ability to manage multiple priorities.

• Ability to work well in a team as well as independently.

• Right to live and work in the UK and able to travel, when required, to centres.

• Experience of Microsoft Sentinel

• Knowledge of Cyber Essentials, Cyber Essentials Plus and/or ISO 27001

Benefits:

As a valued member of the FI team, you will benefit from:

• 25 days annual leave (based on fulltime hours) PLUS bank holidays
• Equipment provided for homeworking
• Flexible-working positive employer with a range of family-friendly policies
• Employee Assistance Programme: 24-hour confidential access to counselling and support services
• Competitive Pension
• Private Medical Insurance
• Training and development opportunities
• Long term career prospects in a growing company
• Employee perks including a range of discounts to suit your lifestyle

First Intuition are dedicated to safeguarding children, young people, and vulnerable adults. All roles require reference checks, an enhanced DBS, and online searches in line with KCSIE guidelines. This post is exempt from the rehabilitation of Offenders Act 1974.

First Intuition is committed to safeguarding and promoting the welfare of children and vulnerable adults. All staff are expected to share this commitment and adhere to our Safeguarding and Prevent Policy, which can be viewed here.

We are a disability confident employer, committed to equal opportunities for all applicants. If you need reasonable adjustments during the recruitment process, please let us know.