Let’s get started
By clicking ‘Next’, I agree to the Terms of Service
and Privacy Policy
Jobs / Job page
Senior Security Analyst image - Rise Careers
Job details

Senior Security Analyst

We are looking for an enthusiastic and detail-oriented Senior Security Analyst to join our growing information security and data protection team.

The Senior Security Analyst is an experienced security professional responsible for performing more advanced security and data protection tasks with a higher level of autonomy. In this role, you will be responsible for conducting comprehensive security and data protection assessments, overseeing vulnerability management, developing and updating security and data protection policies, reviewing configurations, and providing expert guidance to the organization. You will be expected to operate with minimal supervision and mentor junior analysts as needed.

This is a full-time position with some mentoring responsibilities. Occasional after-hours work may be required for incident response or urgent security tasks.

Successful candidates will be enrolled on a fully funded level 6 Cyber Security Risk Analyst apprenticeship and will be provided with mentoring support to help you grow and learn. Upon successful completion of the level 6 qualification, it is anticipated that you will be able to progress to a fully funded level 7 qualification (MSc) in Cyber Security.

Responsibilities:

1.        KPI Reporting & Metrics Analysis:

  • Lead the accurate tracking of KPIs related to security and data protection performance and risk management.
  • Analyse data to identify trends, areas of improvement, and potential security and data protection risks.
  • Prepare detailed reports for management and advise on mitigation strategies.

2.       Lead Security Assessments: 

  • Perform risk assessments, vulnerability assessments, and commission penetration tests with minimal supervision. 
  • Prioritize and manage findings, providing actionable recommendations for remediation. 
  • Conduct security and data protection audits and collaborate with IT and development teams to identify weaknesses.
  • Completes security and data protection assessments from clients.

3.      Policy & Standards Development: 

  • Develop and update security and data protection policies, procedures, standards, and guidance to align with industry best practices and regulatory requirements. 
  • Review policies and provide recommendations for improving the organisation's security and data protection posture.
  • Supports the implementation of privacy policies and ensuring privacy by design and by default in company operations.
  • Helps with data mapping, DPIAs (Data Protection Impact Assessments).

4.      Configuration Reviews: 

  • Conduct detailed configuration reviews of systems, networks, and applications. 
  • Work with cross-functional teams to ensure that security configurations meet established standards. 

5.      Vulnerability Management: 

  • Oversee the identification and remediation of vulnerabilities across systems. 
  • Coordinate vulnerability scanning, patching, and remediation efforts with internal teams. 
  • Provide leadership in addressing critical vulnerabilities and mitigating risks. 

6.      Incident Response

  • Support the incident management leads, helping to coordinates the response to security incidents, including data breaches, system compromises, or attacks.

7.       Application Security

  • Work with development teams to embed secure coding practices.
  • Conduct regular security assessments of the company’s software, including the proprietary products sold to clients.

8.      Collaboration & Communication:

  • Provide security and data protection guidance to internal stakeholders, ensuring security considerations are incorporated into development and operational practices.
  • Participate in ongoing security and data protection awareness training initiatives. 
  • Mentor and support junior analysts, assisting in their professional development. 
  • Level 4 qualification in Cybersecurity, Information Technology or a related field, or equivalent experience.
  • 2-4 years of experience in information security or a related field.
  • CompTIA Security+, Cisco CCNA, CISMP, or other entry-level certifications are preferred, but not essential.
  • Proven experience with security assessments, vulnerability management, risk mitigation, and security incident response.
  • Strong technical expertise in security tools, technologies, and methodologies.
  • In-depth knowledge of security frameworks and best practices (e.g., NIST, ISO 27001).
  • Ability to work autonomously and manage multiple tasks simultaneously.
  • Exceptional problem-solving, investigative, and analytical abilities.
  • The adaptability to do a range of work, sometimes complex and non-routine, in different environments
  • The ability to work under direction, use discretion, and determine when to escalate issues.
  • Strong written and verbal communication skills, with the ability to interact effectively with both technical and non-technical stakeholders.

Work’s a treat!

On top of a competitive salary, you can expect a whole load of perks:

  • 25 days’ holiday + bank holidays – we understand the importance of you getting some down time.
  • Annual Wellbeing Day – enjoy an additional day on us to look after your physical and mental wellbeing.
  • Pension Scheme – helping you save towards your retirement home in the sun!
  • Corporate Medical Cash Plan – claim back the cost of your medical treatments.
  • Smart Working Options – spend up to 40% of your working week from home.
  • So many savings – through our online community platform, you can access dozens of daily deals, from money off top brands to discounts on days out.
  • Employee Assistance Programme – our people are at the heart of everything we do, so if you’re happy, we’re happy.
  • Cycle to Work Scheme – save on the cost of biking to work.
  • Monthly Employee Awards - Employee of the Month programme with £250 bonus
  • Raising money for charity including a paid Volunteer Day – we’re all about giving back… and having lots of fun in the process!
  • Referral scheme – know the perfect person to join the team? You could bag £1,500 for a putting a good word in.
  • Wellbeing Programme – giving you the opportunity to join regular, interactive Wellbeing Workshops or join our 30 plus Wellbeing Champions.
  • Enhanced Family Friendly Leave – support for you and your family to help you navigate through the craziness of family life.


We Value Diversity

We champion and welcome diversity in our workforce and ensure all job applicants receive equal and fair treatment, regardless of age, race, gender or gender identity, religion, sexual orientation, disability, or nationality.

We are not only committed to increasing the visibility and recognition of talent from under-represented groups within our organisation, but the wider industry too.

At the end of the day, we make sure we take time to look after ourselves, each other, and the planet, because we’re always stronger together.

ITG have a number of community groups (ERGs) available to employees which offer a safe space for like-minded colleagues, with shared interests to connect, socialise and check in with each other. These include Black ITGers Together, LGBTQ+ Together, Mens Health Together, Muslims Together, Neurodiversity Together, Working Parents and Carers Together and Women In Tech Together.


What next?
If you found yourself interested in knowing more, drop us your application and someone from our team will be in touch.

#LI-NW1

Average salary estimate

$80000 / YEARLY (est.)
min
max
$70000K
$90000K

If an employer mentions a salary or salary range on their job, we display it as an "Employer Estimate". If a job has no salary data, Rise displays an estimate if available.

What You Should Know About Senior Security Analyst, Inspired Thinking Group (ITG)

Are you an experienced security professional looking for your next challenge? Join us at our dynamic company as a Senior Security Analyst! In this exciting role, you'll bring your enthusiasm and detail-oriented mindset to our growing information security and data protection team. Your main responsibilities will include conducting thorough security assessments, overseeing vulnerability management, and crafting policies that align with industry best practices. You'll have the autonomy to perform risk assessments, lead audits, and mentor junior analysts, all aimed at keeping our data safe and secure. With opportunities to develop your skills through a funded apprenticeship program towards a level 6 Cyber Security Risk Analyst qualification, as well as a path to a level 7 qualification (MSc in Cyber Security), this position offers a fantastic career progression. Expect to collaborate with various teams, support incident response initiatives, and ensure that security is a priority in our organization. Plus, we offer a flexible work environment with the chance to work from home up to 40% of the time. If you’re ready to make a significant impact on our security posture while enjoying a supportive workplace that values diversity and well-being, we’d love to hear from you!

Frequently Asked Questions (FAQs) for Senior Security Analyst Role at Inspired Thinking Group (ITG)
What are the primary responsibilities of a Senior Security Analyst at your company?

As a Senior Security Analyst at our company, you’ll engage in a variety of responsibilities including conducting comprehensive security assessments, overseeing vulnerability management efforts, and leading audits. You will also develop and maintain security and data protection policies, ensure compliance with regulations, and provide guidance on security practices across the organization.

Join Rise to see the full answer
What qualifications are required for the Senior Security Analyst position?

To qualify as a Senior Security Analyst with us, you should possess a Level 4 qualification in Cybersecurity, Information Technology, or a related field, along with 2-4 years of experience in information security. Certifications like CompTIA Security+, Cisco CCNA, or CISMP are preferred but not essential, and practical experience in risk mitigation and security incident response is crucial.

Join Rise to see the full answer
What growth opportunities exist for a Senior Security Analyst in your organization?

At our organization, as a Senior Security Analyst, you will enroll in a fully funded level 6 Cyber Security Risk Analyst apprenticeship that helps you enhance your skills and knowledge. After completing this qualification, there is a pathway to progress to a level 7 qualification (MSc) in Cyber Security, allowing you further professional growth.

Join Rise to see the full answer
How does your company support work-life balance for the Senior Security Analyst role?

We highly value work-life balance at our company. As a Senior Security Analyst, you can enjoy smart working options, allowing you to work from home for up to 40% of the week. We also offer 25 days of annual leave along with a Wellbeing Day to prioritize your mental health and well-being.

Join Rise to see the full answer
What kind of team culture can a Senior Security Analyst expect in your company?

Our team culture emphasizes collaboration, inclusivity, and continuous learning. As a Senior Security Analyst, you will not only lead initiatives but also mentor junior analysts and participate in various Employee Resource Groups, promoting a supportive environment that values diversity and professional development.

Join Rise to see the full answer
Common Interview Questions for Senior Security Analyst
Can you describe your experience with risk assessments?

When answering this question, provide specific examples of risk assessments you have conducted, detailing your approach to identifying vulnerabilities and recommending mitigations. Emphasize the importance of collaboration with various teams and the outcomes of your assessments.

Join Rise to see the full answer
How do you stay updated on the latest security threats and trends?

Demonstrate your proactive approach by discussing the resources you utilize, such as security blogs, forums, industry conferences, and training courses. Mention any specific cybersecurity communities you are part of that keep you informed about evolving threats.

Join Rise to see the full answer
What methodologies do you follow for vulnerability management?

Explain your systematic approach to vulnerability management including identification, prioritization, remediation strategies, and how you work with IT teams to remediate vulnerabilities effectively. Mention any tools you employ for vulnerability scanning as well.

Join Rise to see the full answer
How do you approach policy development for security?

Share a specific example of a policy you have developed, outlining the steps taken to ensure it aligns with best practices and regulatory requirements. Emphasize collaboration with stakeholders and the importance of training and awareness in ensuring policy compliance.

Join Rise to see the full answer
Can you give an example of your involvement in incident response?

Describe a specific incident you were involved in, detailing your role in the response process, from detection to remediation. Focus on how your actions contributed to mitigating the impact and improving the organization’s response strategy.

Join Rise to see the full answer
What is your experience with security tools and technologies?

Discuss the range of security tools and technologies you have worked with, such as SIEM systems, firewalls, or intrusion detection systems. Highlight your proficiency in using these tools to enhance security operations and streamline processes.

Join Rise to see the full answer
How do you ensure security practices are embedded in development processes?

Focus on your collaboration with development teams to integrate secure coding practices and conducting regular security assessments of applications. Discuss any specific frameworks or practices you recommend to ensure security is prioritized.

Join Rise to see the full answer
What techniques do you employ for effective KPI reporting?

Explain your approach to defining KPIs related to security performance, and detail how you track, analyze, and present this data in actionable reports. Provide examples of how you've used this reporting to drive strategic decisions.

Join Rise to see the full answer
How do you handle conflicts with non-technical stakeholders regarding security?

Talk about the importance of communication and translating technical details into understandable concepts for non-technical stakeholders. Share a scenario where you successfully navigated a conflict and gained buy-in for a security initiative.

Join Rise to see the full answer
Why do you want to work as a Senior Security Analyst with our company?

Convey your enthusiasm for the company’s values and culture, aligning it with your passion for cybersecurity. Mention specific aspects of the role that excite you and how it matches your career goals and aspirations.

Join Rise to see the full answer
Similar Jobs
Photo of the Rise User
Posted 2 days ago
Photo of the Rise User
Posted yesterday
Photo of the Rise User
Posted 11 days ago
Photo of the Rise User
Posted 12 days ago
Customer-Centric
Inclusive & Diverse
Collaboration over Competition
Transparent & Candid
Growth & Learning
Photo of the Rise User
Raising Cane's Hybrid 6800 Bishop Rd, Plano, TX 75024, USA
Posted 3 days ago
Posted 12 days ago
Photo of the Rise User
BPM Remote TRI CITIES, Washington
Posted 4 days ago
MATCH
Calculating your matching score...
FUNDING
SENIORITY LEVEL REQUIREMENT
TEAM SIZE
EMPLOYMENT TYPE
Full-time, hybrid
DATE POSTED
December 24, 2024

Subscribe to Rise newsletter

Risa star 🔮 Hi, I'm Risa! Your AI
Career Copilot
Want to see a list of jobs tailored to
you, just ask me below!