JOB TITLE: Security Analyst (Hybrid) REPORTS TO: IT Infrastructure Delivery Manager TEAM: Infrastructure DEPARTMENT: Systems Support Purpose of Job: Monitor, detect, investigate, and respond to security incidents. Analyse security events and incidents, conduct investigations, and develop incident response plans. Stay updated on cybersecurity threats and conduct threat assessments. Administer security tools, maintain accurate incident documentation, and prepare reports. Collaborate with teams, share knowledge, and ensure compliance. Key Responsibilities: Stay updated on cybersecurity threats and conduct threat assessments. Ensure that penetration and vulnerability testing is completed and report recommendations/remediations to the infrastructure team, accordingly, allowing us to maintain our accreditations Responding to SEIM SOC issues and liaising with the companys SOC Subject-matter expert on all aspects of system security, including network, servers, workstations, cloud and data Devise secure system solutions to support the needs of the business Ensure that security is at the heart of all new systems, create/update documentation, where appropriate, including architecture diagrams and designs Pro-active advice and direction on security including patching, firewall, vulnerabilities, cloud, data protection, etc. Ensure compliance with standards and regulations. Essential Knowledge Proven experience in SOC or similar role In-depth knowledge of cybersecurity concepts and tools Experience with incident response and threat hunting Strong analytical and problem-solving skills Excellent communication skills Relevant certifications are a plus - NIST, ISO2700X, SOC2, GDPR Working in an ITIL/change managed environment Experience working with Tenable to run vulnerability assessments Additional Knowledge (not essential) Experiencing working with/securing the following platforms/solutions Operating Systems Windows/Windows Server, Linux Cloud Microsoft Azure Firewall Checkpoint/pfSense, Cloudflare, NetScaler Email/Messaging Microsoft Exchange/ExchangeOnline, Mimecast, Microsoft Teams Domain and e-mail configuration including DNS zones and DMARC/DKIM records Databases SQL Server, MySQL/MariaDB Monitoring DarkTrace Web IIS secure configuration Essential Skills Ability to work under own initiative Ability to follow written and verbal instructions Ability to work to strict deadlines Ability to provide training to other team members, and other employees Ambitious and willing to work towards specialisation in corporate systems Excellent communication and interpersonal skills Good documentation skills including Visio drawings Previous experience in a security-based role Current valid driving license Qualities Articulate, literate, presentable, customer facing and technically astute Self-motivated, enthusiastic and willing to learn Punctuality and good time keeping are essential to this role Team player Commercial awareness