Information Security Analyst – Level 3 CTM/OES

This is a full-time role for a Level 3 Information Security Analyst to join a mature managed services Cyber team responsible for managing the security posture of critical infrastructure and services under an ISO27001 and Cyber Essentials+ certified environment.

The successful candidate will conduct various cybersecurity tasks to ensure client security and compliance with EU/UK regulations, including:

• Cyber Threat Modelling (CTM) exercises
• NIS/NIS2 assessments and remediation
• Security gap assessments and remediation
• Cyber risk management
• Third-party risk management
• Threat and vulnerability management
• Incident response and management

Qualifications & Skills:

• Experience in planning and executing CTM exercises for on-premises and cloud environments
• Knowledge of CTM frameworks like STRIDE, PASTA, MITRE ATT&CK
• Experience with security standards such as ISO27001, NIST CSF, NIST 800-53, CIS benchmarks
• Ability to assess, document, and manage cyber risks, including third-party risks
• Proven remediation and technical control implementation skills
• Understanding of EU and UK NIS/NIS2 directives and other regulations
• Knowledge of security technologies like firewalls, EDR, SIEM, TVM
• Excellent communication, reporting, and presentation skills
• Proactive with strong workload management skills
• Up-to-date knowledge of security threats and exploits
• Willingness to share knowledge and learn new technologies
• Strong analytical and problem-solving skills

Desirable:

• Cybersecurity certifications (e.g., CISSP, CISM, CRISC)

Additional Information:

• Right to work in the UK or Ireland
• Security clearance requirements may apply, including vetting such as SC or NPPV
• Own transport is essential due to location

If you feel you are a good fit even if you don't match every requirement, please get in touch.