IT & Cyber Risk Analyst Role Overview: We are seeking a proactive and detail-oriented IT & Cyber Risk Specialist to support Head of Risk, Compliance & Business Assurance. This role plays a key part in ensuring the company prioritizes customer-centric outcomes, operates within its defined risk appetite, and maintains robust control over its own operations and those of key outsourcing partners. The successful candidate will also support the Risk and Compliance Function Holders in fulfilling the company’s risk and compliance obligations, with a particular focus on IT security and cyber risk management. Key Responsibilities: Provide IT support and manage referrals to IT Service Providers. Collaborate with external Service Providers and Third Parties to maintain network and infrastructure. Ensure the availability and resilience of the company’s IT infrastructure. Identify and resolve IT faults effectively. Review and assess weekly SIEM, Microsoft, and other security reports, recommending actions where needed. Serve as the primary internal contact for the Security Concierge SIEM team. Continuously evaluate the company’s security posture against industry standards such as Cyber Essentials and CIS controls. Assist in the identification, management, and mitigation of IT and cyber risks. Ensure compliance with internal IT security policies, frameworks, and procedures. Track and manage IT and cyber security controls, including inactive user monitoring and audit trail availability. Oversee remediation actions from vulnerability and penetration testing. Conduct scenario testing to support Important Business Services and Business Continuity requirements. Support the implementation of the company’s Incident Management and Cyber Response processes. Ensure daily data backups are in place, functional, and secure. Share insights and lessons learned from scanning, testing, and audits across business units. Assist in the delivery of IT projects. Key Competencies: Strong planning and prioritization skills Commercial awareness Customer-focused approach Effective teamwork and collaboration Adaptability and change management Driving business improvements Clear and concise communication Required Skills & Knowledge: Essential: Understanding of IT hardware, networks, and infrastructure. Awareness of IT and cyber security principles. Experience working with Microsoft Office 365. Strong analytical, written, and verbal communication skills. Ability to prioritize tasks and manage workloads effectively. Attention to detail, accuracy, and commitment to high-quality delivery. Ability to work under pressure and exercise initiative. Willingness to pursue additional qualifications or training as required. Flexibility to travel to Gibraltar if needed. Desirable: IT security or cyber-related qualification. Experience with IT infrastructure, including servers, Active Directory, switches, and firewalls. Familiarity with on-site, off-site, and cloud backup solutions. This role offers an exciting opportunity to contribute to the company’s IT and cyber risk strategy while developing expertise in a dynamic and regulated environment.