Home
Jobs
prosource.it
Cyber Security Analyst

Cyber Security Analyst

Hybrid

Aberdeen, United Kingdom

Full Time

26-03-2025

Share this job:

Score my CV

Job Specifications

2571 – Cyber Security Analyst – Aberdeen or London

Are you a highly motivated and skilled Cyber Security Analyst looking for your next challenge? Join a dynamic team where you'll play a key role in safeguarding critical information assets. As a Cyber Security Analyst, you'll be responsible for identifying, evaluating, and reporting cybersecurity risks to ensure robust cyber assurance. Working alongside the Operational Security team, you'll carry out second-line assurance activities to uphold the confidentiality, integrity, availability, safety, privacy, and recovery of crucial information in line with regulations. You’ll also collaborate with internal teams and third-party vendors to assess and manage third-party cyber risks effectively. This hybrid role, based in Aberdeen or London, follows a 3/2 working pattern, with at least three days onsite each week.

What you’ll do
Work with the Project Team, Operations and Information Systems (IS) Security team to support IS in the delivery of secure, reliable, and safe IS operations to the business
Work across vendors, project teams and wider IS team to define IS Security requirements for systems and solutions that meet the businesses security requirements
Research and provide security solutions for complex application and systems integrations
Provide support on the full life cycle of design, development and operation of security tools and services
Build successful peer relationships with other IS and business functions
Follow the formal governance mechanism to establish and monitor effective controls for the processes and functions performed by the IS Security team
Support IS Security to achieve regulatory and statutory compliance requirements
Complete cyber risk assessments, including third party suppliers
Apply threat modelling principles to complex system and solution designs to identify security risks and appropriate mitigations
Support, monitor and recommend improvements to cyber incident management processes
Provide input and support to operational projects related to cyber security

What to bring
Experience of working in an organisation distributed across different geographies and time zones, with the ability to communicate security goals (preferred)
Excellent analytical, problem solving and execution skills (essential)
Strong cyber security-specific experience, support by relevant industry certifications (e.g. CySA+, Security+) and risk management knowledge (essential)
Knowledge and experience working across a diverse range of cyber security tools, including SIEM technologies, EDR, NIDS etc. (essential)
Self-motivated with a willingness to go the extra mile to achieve important goals (essential)
Excellent verbal and written communication skills, including the ability to explain technical concepts and technologies to technical and non-technical audiences (essential)
Cyber Security KPI monitoring and delivery (preferred)
Experience engaging 3rd party security specialists to provide additional assurance. (preferred)
Understanding of assessing data security and governance requirements and identifying suitable controls. (essential)
Experience of delivering cloud focused security solutions with a solid understanding of modern cyber threats and threat modelling techniques (preferred)
Good understanding of security frameworks (NIST CSF, Mitre ATT&CK) (essential)

What You’ll Get in Return:

We are committed to recognising and rewarding hard work and offer a competitive salary and benefits package which includes (but is not limited to) the following;

Company Pension Scheme
Private Medical Insurance
Private Dental Insurance
Group Income Protection Plan
Group Life Assurance
Cycle to Work Scheme
Prosocial Events
Electric Car Salary Sacrifice Scheme

We also believe effective training and development benefits both the individual and the organisation as a whole and contributes to the achievement of the company’s mission. We encourage all our employees to further their skills and experience via various methods of learning. If an employee elects to self-study in their own time, the company will fund the self-study materials and exam fees. Furthermore, once the exam is passed, the employee will be entitled to an incentive bonus.

If you are enthusiastic, willing to always learn and looking for a challenging but rewarding position where you work for a forward-thinking organisation who offer excellent opportunities, please send your CV to talent@prosource.it.

We welcome applications from disabled candidates, so if you have any access needs or may need adjustments in the assessment process - just let us know.

Successful candidates will be subject to background and right to work checks.

About us
prosource.it is a professional services provider in technology. Established as a traditional provider of managed IT services, prosource.it has evolved with industry and the rapid pace of change within the technology sector. We recognise the importance of people and business process in the successful adoption of technology and change. Our readiness to embrace and apply change comes from our people and we offer a variety of business services across the lifespan of successful technological deployment and adoption. We are a people centred business with a global workforce of 500 plus staff and contractors.

Our values are central to what we do and how we do it. We feel they are simple and easy to relate to and we are always looking to welcome new people to the team who share our vision and values. We pride ourselves on being easy to deal with, agile and accepting of change across a wide range of challenging and rewarding roles. We are a team of ‘can do’ and ‘how can I help’ individuals committed to teamwork, partnership, service excellence and delivery.

www.prosource.it

About the Company

prosource.it is a managed IT services provider with a particular focus on infrastructure, operational and project requirements across the corporate enterprise market. We serve Fortune 500 and FTSE250 companies, major financial institutions, and leading private companies concentrated in oil & gas, manufacturing, transportation, media, insurance and finance. With significant investment in PRINCE2, PMI and ITIL accreditation, our workforce has over 3,000 years of experience leveraged to deliver and manage IT infrastructure from... Know more

Related Jobs

Company Name: Mozn
Job Title: Principal Engineer - Application Security / DevSecOps
Job Description: Mozn is a rapidly growing and leading data science & product development firm based in Riyadh with a proven track record of excellence in supporting and growing the analytics ecosystem in Saudi Arabia. Mozn is a trusted analytics partner for the largest government organizations in Saudi Arabia, as well as many large corporations and startups. We are in a critical stage of scaling the company to build institutional analytics knowledge within Mozn and Saudi Arabia. It is an exciting time to work in Saudi Arabia; through Vision 2030, the rate of social and industrial change is staggering. We are seeking a highly skilled and experienced Principal Engineer - Application Security / DevSecOps to lead and enhance our applications security posture. The ideal candidate will have deep expertise in secure software development, DevSecOps practices, threat modeling, and security frameworks. This role is for an expert who will design, implement, and maintain robust security measures across the software development lifecycle (SDLC) and DevOps pipeline. Requirements Technical Leadership: - Develop and drive the strategic roadmap for application security and DevSecOps within the organization. - Collaborate with engineering, operations, and product teams to integrate security best practices seamlessly into SDLC and CI/CD pipelines. - Advocate for a security-first culture across the organization. Technical Expertise: - Design and implement security solutions for cloud-native, microservices-based, and legacy applications. - Integrate automated security tools into CI/CD pipelines (e.g., SAST, DAST, SCA, IAST, and RASP). - Develop and maintain threat models to identify and mitigate risks proactively. - Establish and enforce coding standards and guidelines for secure coding practices. Operational Excellence: - Monitor, analyze, and respond to application and system vulnerabilities. - Lead vulnerability management efforts, including prioritization and remediation. - Conduct security assessments, code reviews, and penetration tests. - Provide guidance on secure architecture patterns and solutions. Collaboration and Mentorship: - Mentor and coach teams to adopt secure development and DevSecOps practices. - Partner with stakeholders to design and implement security-aware development environments. - Work with compliance and governance teams to ensure adherence to industry standards (e.g., ISO 27001, GDPR, PCI-DSS, SOC 2). Continuous Improvement: - Stay abreast of emerging security threats, technologies, and industry trends. - Lead initiatives to enhance the organization's security posture and incident response capabilities. - Measure and report key metrics to track security effectiveness and compliance. Qualifications: Educational Background: - Bachelor's or Master's degree in Computer Science, Cybersecurity, Information Technology, or related field. - Relevant certifications such as CISSP, CISM, OSCP, CEH, or AWS/Azure/GCP Security certifications are highly desirable. Experience: - Minimum of 8-10 years of experience in application security, DevSecOps, or a related field. - Proven track record of leading security initiatives in DevOps environments. - Hands-on experience with CI/CD pipelines and automation tools (e.g., Jenkins, GitHub Actions, GitLab CI/CD). - Expertise in cloud security (AWS, Azure, or GCP) and container security (Docker, Kubernetes). Technical Skills: - Proficiency in programming and scripting languages (e.g., Python, Java, JavaScript, or Go). - Strong understanding of OWASP Top 10, SANS/CWE 25, and other security frameworks. - Knowledge of security tools and platforms (e.g., SonarQube, Veracode, Burp Suite, Aqua, Prisma Cloud). - Experience with infrastructure-as-code (IaC) security and tools like Terraform and Ansible. Soft Skills: - Excellent problem-solving and critical-thinking abilities. - Strong leadership and communication skills to influence and collaborate with cross-functional teams. - Ability to manage and prioritize multiple initiatives in a fast-paced environment. Benefits We think you'll enjoy working at Mozn. Here's why: We selectively choose to undertake projects with impact; our users and clients trust us to solve mission-critical problems We move quickly, but carefully and confidently. Iterations happen on the scale of days to weeks, and we invest considerable effort in minimizing the operational overhead to empower you to do your best work You will be given a lot of responsibility and trust. We believe that the best results come when the people responsible for a product are given the freedom to do what they think is best

Company Name: Pharmacy2U Ltd
Job Title: IT Security Engineer
Job Description: Role: IT Security Engineer Location: Leeds Salary: DOE plus extensive benefits Contract type: Permanent Employment type: Full time Working hours: 40 hours per week, Monday to Friday 09:00 – 17:30 The IT Security Engineer will administer and optimise security tools, to provide technical security guidance and to implement security change across a range of components to achieve and maintain security across business platforms and applications. Scope of responsibilities include Microsoft 365, Exchange, networking components (firewall etc), Windows Server, core Microsoft back-office technologies, and 3rd party software and applications. You will be passionate about providing an excellent level of service with a focus on improving the security posture of global infrastructure in line according to the IT security strategy and business requirements. You will also be comfortable suggesting improvements and be prepared to adapt and change as necessary. In addition, you will be a problem solver, who wants to find the “secure way” to solve a business problem. What’s in it for you? Occupational sick pay Enhanced maternity and paternity pay Contributory pension Discounted insurance (Aviva) Employee discount site Discounted gyms (via our blue light card and benefits schemes) Employee assistance programme In-house mental health support Free onsite parking Health and wellbeing initiatives Social events throughout the year Cycle to work scheme Green car scheme*(subject to minimum earnings) Registration fees paid (GPhC, NMC, CIPD etc) Long service bonus Refer a friend bonus Blue light card Hybrid working Commitment to CPD/training 25 days annual leave increasing with service Annual leave buy and sell scheme Discounts & Exclusive offers at The Springs, Leeds 25% Discount & health & beauty purchases 25% Discount on Pharmacy2U Private Online Doctor Services What you’ll be doing? Daily system checks and monitoring of information security alerts (AV, Firewall, M365 etc). Reporting on the performance of technical security controls Assessing the security risks of changes Assessing the risk to the business of making security changes Communicating weaknesses and vulnerabilities Liaising with technical counterparts across the business, in partners and other 3rd Parties. Participating in Incident Response and Investigation Policy development Test, evaluate, build, and implement security change in line with business requirements Vulnerability management of hardware and software components Keep up to date with advancements in information security and technology Monitor threat intelligence and investigate the organisations exposure to threats Maintain application and infrastructure security including antivirus software, endpoint protection and other technical controls Who are we looking for? Experience working within the retail services sector preferably in an information security-related role Experience supporting Microsoft Windows On-Premise and Cloud (Azure) environments, ideally in a security capacity Strong understanding of Information Security concepts, principles and best practices Experience of Vulnerability Management Strong knowledge of securing Active Directory (DHCP, DNS) Skilled in technical risk management Experience with Cloud Technologies (PaaS, IaaS, SaaS) Experience in administering and securing virtual environments Knowledge of Windows Endpoint technologies, Intune, BitLocker, Defender Able to develop good working relationships What happens next? Please click apply and if we think you are a good match, we will be in touch to arrange an interview. Applicants must prove they have the right to live in the UK. All successful applicants will be required to undergo a DBS check. Unsolicited agency applications will be treated as a gift. #INDTECH

Leeds, United Kingdom

Hybrid

Full Time

27-03-2025

Company Name: RedRock Resourcing
Job Title: Graduate Cyber Security Consultant x 3 - Graduate Scheme - Bristol - New! (REFBJ14)
Job Description: Graduate Cyber Security Consultant x 3 - Graduate Scheme - Bristol - New! (REFBJ14) Up to £28,000 + Graduate Scheme - Training & Progression (Rising to £45k) ** 2/3 days per week on site in Bristol ** A leading consultancy in Bristol requires a number of Graduate Cyber Security Consultants to join its growing team. Successful candidates will work in project teams to design, implement and cyber security solutions. This will involve learning about and working with a variety of technologies as well as developing professional consulting and problem-solving skills. Engagements will involve building insightful analytics from client requirements to enable them to make evidence-based decisions based in real time. Suitable candidates will have At least a 2.1 in a Security or STEM related degree ideally from a Russell Group university coupled with strong A Level results Demonstrable technical competence and analytical approach to problem solving Flexible and adaptable, with ability to work well in a team Good communication skills, both written and verbal, and professional approach Eligible for SC clearance Additionally, any experience of working with customers / stakeholders would be advantageous, as would exposure to any of Splunk, Sentinel, AWS, Azure, networking, system administration, data analytics tools. Please send CV for job description and an informal chat. Excellent opportunity to kick start your career!

Bristol, United Kingdom

Hybrid

Full Time

27-03-2025

Company Name: Lorien
Job Title: Cyber Security Consultant
Job Description: Cyber Security Consultant Portsmouth - Hybrid working pattern Salary – Up to £60,000 + Additional Corporate Benefits Package The Client: A leading boutique cyber security firm requires a security consultant! The Role: As a Cyber Security Consultant, your role will involve assisting clients in tackling various Cyber Security challenges, from clearly defining Cyber Security policies and strategies to recognizing their vulnerability to Cyber Security threats/risks and implementing practical and cost-effective measures. You will be responsible for advising and executing the identification, management, and mitigation of risks to a client’s information and information technology assets. Key Skills: Comprehending the business and information risk context (typical business motivators, cyber security threats, and implementation obstacles) of our clients Evaluating risk at both a technical and business process level and clearly communicating findings both verbally and in writing to key stakeholders Assessing the level of cyber security maturity within an organization and formulating maturity enhancement strategies Reviewing the efficiency of controls (in relation to recognized controls frameworks as applicable) and recommending appropriate security improvements Investigating and analysing security technologies to facilitate the creation of innovative solutions Evaluating risk at the business function or process level leading client interviews or minor investigations to gauge business impact Performing site visits and threat evaluations Applying standard frameworks or relevant standard methodologies Leading the development of risk assessment/reports Collaborating with account teams to discover new work opportunities and assist in the creation of high-quality proposals Requirements: You should possess a degree related to cyber security or equivalent training or have 3 years of experience in similar positions with A-levels being a minimum. You must have the capability to convey and present security advice, often at a technical level, directly to key customer stakeholders; possess outstanding interpersonal skills as well as strong written and verbal communication and presentation abilities. Experience in a commercial sector such as financial services, banking, insurance, the energy industry, or telecoms is preferred. Desirable Skills: CISM, CISMP, or equivalent certifications are advantageous Given the nature of the role, all employees must undergo a DBS and Security Check. To qualify for full SC Clearance, you must have resided in the UK for the past five years. Additionally, you may not spend more than 30 consecutive days outside of the UK. So, if you feel your skills and experience align with the prerequisites for this role, then please get in touch, and apply directly.

Portsmouth, United Kingdom

Hybrid

Full Time

27-03-2025