Shape the Future with the National Wealth Fund At the National Wealth Fund, our mission is to swiftly and effectively mobilise trusted sector insights and investment expertise to unlock billions in private finance for projects across the United Kingdom. Providing £27.8bn of capital and an expanded mandate, we are ready to help the market invest with confidence, continue to drive forward the Government's growth ambitions. We are looking for skilled and results oriented individuals who are motivated to help us build the National Wealth Fund into an industry-leading institution. Job Purpose The Senior IT Analyst will work with IT Risk and Security Lead and other stakeholders, identifying potential threats and vulnerabilities to NWF applications, processes, and infrastructure. Mitigating Cyber Risks, responding to security incidents, and processing BAU security functions as required. The Senior IT Analyst is responsible for assisting in all duties under the care of the Information Security team at the National Wealth Fund. This includes, but is not limited to, defining, implementing, and maintaining the organisation’s security strategy, working closely with various departments to identify potential risks and develop strategies to mitigate them, and ensuring that the organisation’s information security policies and procedures are up-to-date and effective. You will also respond to incidents, give appropriate guidance to users, and contribute to policy and processes. Core Accountabilities: • Risk Assessment: Conduct regular risk assessments to identify vulnerabilities and threats to the organisation’s information systems. • Policy Development: Develop and update information security policies, procedures, and guidelines. • Incident Response: Coordinate and manage the response to security incidents, including investigation and reporting. • Compliance : Ensure compliance with relevant laws, regulations, and standards related to information security. • Training and Awareness: Assist in the development and delivery of security awareness training for employees to promote a culture of security within the organization. • Collaboration : Work with IT, other departments and 3rd parties in relation to cyber security issues and provide reporting and recommendations. • Reporting: Prepare and present reports on the status of information security risks and incidents to senior management. • BAU processes: Give advice and guidance to colleagues on issues such as spam and unwanted or malicious emails, and general security awareness. • Assist in the implementation and maintenance of JML and ID Governance processes and tools. • System Development : Contribute to existing or create new BAU processes to embed Information Security within the business. • Contribute to and help maintain an information security risk register and assist with internal and external audits relating to information security. • Assisting in planning for disaster recovery and creation of contingency plans in the event of any security incidents. • Maintain an awareness of emerging cyber security threats and ways to manage them. • Maintain an awareness of emerging tools or technologies to improve cyber resilience and general Information Security. • Assist with audit or other potentially sensitive data gathering requests. Key Experience, Knowledge and Skills: Essential experience ►Considerable and demonstrable experience of information security and IS risk management. ►Understanding of key industry frameworks (such as Cyber Essentials Plus, NIST, ISO). ►Strong understanding and familiarity with Entra, Azure, and M365 technologies ►Excellent written and verbal presentational skills. ►Demonstrable proficiency in presenting risk information and KPIs. ►Clear business acumen, patience, pragmatism, sound judgement and confidence. ►Excellent investigative, problem solving and root cause analysis skills and ability to articulate solutions in a business context. ►Ability to work in a team, with minimal supervision and prioritise own work effectively. ►Excellent attention to detail. Desirable experience ►Strong experience in Identity Management, including Role Based Access Controls ►Relevant professional qualifications/certifications, ideally in Microsoft Entra/M365 technologies ►Understanding and awareness of Data Protection responsibilities and practice. ►Good understanding of key regulatory regimes (including GDPR). ►Good facilitation experience. ►Experience working with multiple IT managed service providers. ►Information Security and Risk experience gathered within financial services. Skills ►Strong communication, engagement and influencing skills. ►Ability to effectively represent NWF through building collaborative relationships. ►Self-motivated, and well organised with initiative and comfortable with continuous improvement working to agreed objectives, targets and timescales. ►Experience of managing a diverse set of internal and external stakeholder relationships. A career with us offers a unique opportunity to make a lasting impact and work on cutting-edge technologies that will drive the UK’s future. We value diversity in our people and inclusion is at the heart of what we do. We offer competitive benefits and unique learning opportunities from combining both private and public sector skills and experience. Please note, referencing and background checks are carried out for all roles here at the National Wealth Fund.