Cyber Security Analyst/Lead

Join Chambers and Partners as our next Cyber Security Analyst/Lead, a pivotal role at the heart of our commitment to safeguarding information and maintaining trust. You’ll lead the development and delivery of our information security programme, protecting our systems, data, and digital assets from evolving threats. This is an exciting opportunity to drive key security initiatives, oversee cutting-edge technologies, and ensure compliance with leading industry frameworks within a globally respected organisation.

Main Duties and Responsibilities

• Develop, implement, and maintain the organization’s information security strategy, policies, standards, and procedures in alignment with business objectives and regulatory requirements.
• Lead the development and implementation of an Information Security Management System (ISMS), based on ISO 27001.
• Conduct regular security risk assessments, identify vulnerabilities, and recommend appropriate mitigation strategies.
• Stay up-to-date with the latest cybersecurity threats, trends, technologies, and best practices.
• Provide expert advice and guidance on information security matters to various stakeholders across the organization.
• Oversee the day-to-day operation of security systems and tools, including firewalls, intrusion detection/prevention systems (IDS/IPS), antivirus, anti-malware, SIEM, vulnerability scanners, and data encryption solutions.
• Manage vulnerability management programs, including regular scanning, penetration testing, and remediation of identified weaknesses.
• Lead and manage security incident response, including detection, analysis, containment, eradication, recovery, and post-incident review.
• Develop and maintain robust disaster recovery and business continuity plans related to information security.
• Monitor security alerts, logs, and reports for suspicious activity and potential threats.
• Ensure the organization’s adherence to relevant information security regulations, laws, and industry standards (e.g., HIPAA, PCI DSS, NIST, CIS, ISO 27001, Cyber Essentials+).
• Coordinate and participate in internal and external security audits, provide evidence, and ensure timely remediation of audit findings.
• Develop and implement security awareness training programs for all employees to foster a security-conscious culture.
• Manage third-party security risk assessments and ensure vendor compliance with security requirements.
• Collaborate with IT Operations and Infrastructure teams to ensure security is embedded in the design, implementation, and maintenance of all IT infrastructure, including cloud environments (e.g., Azure, AWS, GCP), networks, servers, and endpoints.
• Manage access controls, identity management (e.g., Entra ID/Azure AD), and privileged access management (PAM) systems.
• Manage access control processes to third-party applications and third-party relations.
• Oversee the patching and configuration management of all systems and applications to reduce the attack surface.
• Develop performance metrics to communicate security risks, incidents, and security programmes to senior management and other stakeholders.
• Drive continuous improvement initiatives within the information security function.

Skills and Experience

• Bachelor’s degree in Computer Science, Information Security, or a related field (or equivalent practical experience).
• Demonstrable experience in information security.
• Experience creating Cyber Security roadmaps.
• Strong understanding of information security principles, frameworks (e.g., ISO 27001, NIST, Cyber Essentials), and best practices.
• Hands-on experience with security technologies such as firewalls, SIEM, IDS/IPS, vulnerability scanners, endpoint detection and response (EDR), and identity management solutions.
• Experience with cloud security (e.g., Azure Security).
• Proven experience in managing security incidents and conducting incident response.
• Familiarity with data privacy regulations (e.g., GDPR).
• Excellent analytical and problem-solving skills with a keen eye for detail.
• Strong communication, interpersonal, and presentation skills, with the ability to convey complex technical information to non-technical audiences.
• Ability to work independently and as part of a team in a fast-paced environment.
• Experience building, developing and managing technology improvement programmes.
• Experience selecting and managing third party suppliers and solutions.
• Evidence of setting vision and direction, inspiring and engaging with others to deliver.
• Technically astute, with good knowledge of IT operations and infrastructure.

Certifications

• CISSP (Certified Information Systems Security Professional)
• CISM (Certified Information Security Manager)
• CompTIA Security+
• CEH (Certified Ethical Hacker)
• Cloud Security certifications (e.g., Azure Security Engineer Associate, AWS Certified Security – Specialty)

Person Specification

• Passionate about technology infrastructure (Cloud), platforms and delivering exceptional service to customers and the business.
• Able to switch between visionary, strategic thinking and ‘business as usual’ operations.
• Prioritisation skills to handle fast paced dynamic environment.
• Constructively challenges convention and seeks new ways of achieving better results.
• Regularly demonstrates sound and pragmatic judgement, balancing pace, risk and business value to reach decisions which are well informed and actionable.
• Proactive self-starter who continuously seeks ways to improve.
• Excellent communication and interpersonal skills, with ability to communicate complex subjects, ‘sell’ ideas, and influence business and technology stakeholders at all levels.
• Attention to detail, focused on the finer details that make the difference.
• Provides thought leadership in service and infrastructure domains.

Equal Opportunity Statement

We are committed to fostering and promoting an inclusive professional environment for all of our employees, and we are proud to be an equal opportunity employer. Diversity and inclusion are integral values of Chambers and Partners and are key in our culture. We are committed to providing equal employment opportunities for all qualified individuals regardless of age, disability, race, sex, sexual orientation, gender reassignment, religion or belief, marital status, or pregnancy and maternity. This commitment applies across all of our employment policies and practices, from recruiting and hiring to training and career development. We support our employees through our internal INSPIRE committee with Executive Sponsors, Chairs and Ambassadors throughout the business promoting knowledge and effecting change. As a Disability Confident employer, we will ensure that a fair number of disabled applicants that meet the minimum criteria for this position will be offered an interview.