Cyber Security Analyst

Sword is a leading provider of business technology solutions within the Energy, Public and Finance Sectors, driving transformational change within our clients.  We use proven technology, specialist teams and domain expertise to build solid technical foundations across platforms, data, and business applications.  We have a passion for using technology to solve business problems, working in partnership with our clients to help in achieving their goals.

About the role:

• The Cyber Security Analyst is responsible for cyber assurance over the IS environment and ensuring that information assets and associated technologies, applications, systems, infrastructure, and processes are adequately protected
• The Cyber Security Analyst is responsible for identifying, evaluating, and reporting cybersecurity risk to information assets and reporting associated risks
• The Cyber Security Analyst , working together with the Operational Security team, understands and articulates the impact of cyber security risks and threats to (digital) business and communicates this to Senior Manager- Global Cyber Operations or delegate
• The Cyber Security Analyst supports the Global Cyber Operations team in carrying out appropriate second-line assurance activities related to confidentiality, integrity, and availability, as well as the safety, privacy and recovery of information owned or processed by the business in compliance with regulatory requirements
• The role works with appropriate teams and 3rd party vendors to ensure the third party related cyber risks are identified and assessed appropriately Roles and Responsibilities:
• Works with Project Team, Operations and IS Security team to support IS in the delivery of secure, reliable, and safe IS operations to the business
• Work across vendors, project teams and wider IS team to define IS Security requirements for systems and solutions
• Research and provide security solutions for complex application and systems integrations
• Provides support on the full life cycle of design, development and operation of security tools and services
• Builds successful peer relationships with other IS and business functions
• Follows the formal governance mechanism to establish and monitor effective controls for the processes and functions performed by the IS Security team
• Supports IS Security achieve regulatory and statutory compliance requirements
• Complete cyber risk assessments, including third party suppliers.
• Apply threat modelling principles to complex system and solution designs to identify security risks and appropriate mitigations.
• Supports, monitors and recommends improvements to cyber incident management process
• Provides input and support to operational projects related to cyber security

Requirements

Here are the key skills and experience relevant to this role:

• Experience of working in an organisation distributed across different geographies and time zones, with the ability to communicate the IS security goals (preferred)
• Excellent analytical, problem solving and execution skills (essential)
• Strong cyber security-specific experience, support by relevant industry certifications (e.g. CySA+, Security+) and risk management knowledge (essential)
• Knowledge and experience working across a diverse range of cyber security tools, including SIEM technologies, EDR, NIDS etc. (essential)
• Self-motivated with a willingness to go the extra mile to achieve important goals (essential)
• Excellent verbal and written communication skills, including the ability to explain technical concepts and technologies to technical and non-technical audiences (essential)
• Cyber Security KPI monitoring and delivery (preferred)
• Experience engaging 3rd party security specialists to provide additional assurance. (preferred)
• Understanding of assessing data security and governance requirements and identifying suitable controls. (essential)
• Experience of delivering cloud focused security solutions with a solid understanding of modern cyber threats and threat modelling techniques (preferred)
• Good understanding of security frameworks (NIST CSF, Mitre ATT & CK) (essential)

Benefits

At Sword, our core values and culture are based on caring about our people, investing in training and career development, and building inclusive teams where we are all encouraged to contribute to achieve success.  

We offer comprehensive benefits designed to support your professional development and enhance your overall quality of life. 

In addition to a Competitive Salary, here's what you can expect as part of our benefits package: 

Personalised Career Development: We create a development plan customised to your goals and aspirations, with a range of learning and development opportunities within a culture that encourages growth. 

Flexible working: Flexible work arrangements to support your work-life balance.  We can’t promise to always be able to meet every request, however, are keen to discuss your individual preferences to make it work where we can. 

A Fantastic Benefits Package: This includes generous annual leave allowance, enhanced family friendly benefits, pension scheme, access to private health, well-being, and insurance schemes.

At Sword we are dedicated to fostering a diverse and inclusive workplace and are proud to be an equal opportunities employer, ensuring that all applicants receive fair and equal consideration for employment, regardless of whether they meet every requirement. If you don’t tick all the boxes but feel you have some of the relevant skills and experience we’re looking for, please do consider applying and highlight your transferable skills and experience. We embrace diversity in all its forms, valuing individuals regardless of age, disability, gender identity or reassignment, marital or civil partner status, pregnancy or maternity status, race, colour, nationality, ethnic or national origin, religion or belief, sex, or sexual orientation. Your perspective and potential are important to us. 

If we can do anything to help make the hiring process more accessible, please let our talent acquisition team know when you apply so we can support any adjustments.