Cyber Security Analyst in London

This role is key in delivering cyber security activities that strengthen NPL’s security posture and manage security risk. It is responsible for assisting with the day‑to‑day operations of security information systems, including preventing cyber‑attacks, monitoring for security incidents, and responding to potential threats. It supports both technical and governance activities to meet the organisation’s security objectives.

Key Responsibilities

• Support the development and implementation of cyber security processes and procedures to strengthen protection and resilience.
• Evaluate risks associated with new technologies, suppliers, and projects in support of business delivery and third‑party risk management.
• Conduct vulnerability scans and assessments as part of vulnerability management; prioritise and collaborate with IT operations to remediate identified weaknesses in systems and applications.
• Monitor and respond to cyber security event alerts, investigating and escalating incidents as required.
• Contribute to assurance and compliance activities, including policy reviews, audits, and regulatory checks.
• Support process improvement initiatives to enhance efficiency and effectiveness across cyber security people, process, and technology.
• Assist with broader cyber security‑related IT requests, including travel security requirements, software requisitions, and general queries.
• Prepare detailed reports on security incidents, vulnerabilities, and trends to inform decision‑making and continuous improvement.
• Maintain security metrics and dashboards to measure performance and support reporting.
• Maintain and update action trackers, ensuring accurate status reporting and timely follow‑up on outstanding tasks.
• Collaborate with internal teams and external partners to ensure alignment with security standards and best practices.
• Responsible for taking reasonable duty of care for Health & Safety of themselves and of other persons who may be affected by their acts or omissions at work and always follow direct instructions given with regards to Health & Safety.

Core Skills (Essential)

• Experience in IT, engineering or cyber security (typically 2-3+ years), or equivalent practical experience in an operational environment.
• A curious and analytical mindset, with the ability to dig deeper to understand root causes, patterns, and underlying risks.
• Strong analytical skills, including the ability to interpret security data, identify trends, and draw meaningful conclusions.
• High attention to detail, with the ability to accurately document activities, findings, and outcomes.
• Understanding of cyber security risks, controls, and operational security practices, and how these can be applied pragmatically to enable the business.
• Ability to balance security requirements with business needs, taking a proportionate, risk‑based approach.
• Experience working collaboratively with IT teams and wider stakeholders to enable secure delivery.
• Ability to follow defined processes while constructively contributing to their improvement.
• Clear written and verbal communication skills, including explaining security issues in a business‑focused way.
• A delivery‑focused, pragmatic approach and willingness to learn and develop.

Additional Skills And Experience (Desirable)

• Exposure to working in or alongside a SOC or security operations function.
• Familiarity with tools such as SIEM, endpoint protection, vulnerability scanning, or security monitoring platforms.
• Experience handling or supporting cyber security incidents.
• Experience supporting audits, assurance activities, or compliance exercises.
• Experience assessing risk and documenting mitigating controls.
• Awareness of cyber security standards or frameworks (e.g. ISO 27001, NIST, Cyber Essentials).
• Experience producing security metrics, dashboards, or management reporting.

To work at NPL, you will need to obtain BPSS security clearance. NPL is committed to diversity and inclusion and welcomes applications from all backgrounds.