IT Security Analyst

We're looking for a proactive and experienced IT Security Analyst to join our growing team and help strengthen our organisation's security posture.

In this hands-on role, you'll be at the heart of our day-to-day security operations - monitoring threats, refining policies, and supporting our ongoing ISO 27001 and Cyber Essentials certifications.

You'll work closely with both IT and business stakeholders to embed robust, practical security practices that align with our wider business goals.

This is a fantastic opportunity to make a real impact within a small, collaborative team where security is seen as a business enabler, not a blocker.

What you'll be doing:

• Supporting the business in achieving and maintaining ISO 27001 and Cyber Essentials certifications
• Monitoring security tools and alerts, investigating and escalating issues where appropriate
• Helping to develop, maintain and improve security policies, procedures, and documentation
• Conducting risk assessments and implementing proportionate, business-aligned security measures
• Responding to and managing cybersecurity incidents, including investigation, containment, and remediation
• Overseeing Azure security controls, ensuring adherence to cloud security best practices
• Collaborating with the wider IT team and business stakeholders to embed security into projects, operations, and strategic planning
• Staying current with emerging threats, technologies, and regulatory requirements, and proactively adapting our security strategy

About You:

Essential

• Experience working in an IT security role
• Some familiarity with security standards or frameworks (e.g., ISO 27001, Cyber Essentials, NIST)
• Understanding of Microsoft 365 and/or Azure security features (e.g., MFA, Conditional Access, Defender)
• Strong interest in cybersecurity and risk management
• Good written and verbal communication skills
• Eagerness to learn and develop professionally

Desired

• Any relevant certifications (e.g., Security+, AZ-500, ISO 27001 Foundation/Practitioner)
• Experience supporting audit or compliance activities
• Exposure to endpoint protection, vulnerability scanning, or SIEM tools

Why Bidwells?

We're a different kind of business. Whilst we're a major player in the property sector, Bidwells remains a privately-owned, independent Partnership, with an inclusive, entrepreneurial culture. We give our people autonomy and take the time to listen.