Information Security Analyst

We are looking for an Information Security Analyst to ensure that the AELTC and The Championships are protected from cyber threats such that the business can operate safely and reliably. This role blends protection, detection, response and continuous improvement, with the opportunity to deepen and broaden your skills and experience.

The Information Security Analyst will play an influential role in strengthening the AELTC’s cyber security capability and ensuring the resilience of systems that support The Championships and the AELTC’s year‑round operations. You will work day-to-day with the Principal Security Specialist, taking ownership of defined operational areas with the opportunity to develop into broader security leadership responsibilities. The role will contribute to the development of a mature security stack, via continuous improvement of our security practices, collaborating with technical teams, and supporting the evolution of cyber governance and risk management across the organisation. This position offers exposure to enterprise‑scale technologies, hybrid cloud environments, and the unique demands of safeguarding a globally recognised sporting event. This role will require work outside core office hours to support the security operations and threat management associated with The Championships and any major incidents.

What you will be doing during The Championships and Year Round:

• Support and perform proactive monitoring and analysis of security alerts, logs, and telemetry across SIEM, EDR, and network platforms, ensuring timely investigation and escalation of potential threats, suspicious behaviours and indicators of compromise.
• Contribute to the enhancement of incident response processes, including the development of playbooks, and post-incident reviews.
• Provide operational security support during The Championships, including real-time monitoring, rapid triage, and coordination with internal and external partners.
• Support the vulnerability management lifecycle, including scanning, prioritisation, remediation oversight, and reporting across on‑premises and cloud environments.
• Support the organisation’s risk management activities by identifying security gaps, assessing potential impact, and recommending mitigation strategies.
• Assist with the coordination of penetration testing activities, including scoping, stakeholder engagement, and validation of remediation actions.
• Maintain comprehensive documentation of security activities, incidents, risks, and compliance outcomes to support governance and audit readiness, including evidence for internal and external audits.
• Assist with the implementation and optimisation of security controls across infrastructure, applications, and cloud platforms, with a focus on Microsoft Azure.
• Assist with the evaluation of new security technologies and tools, providing recommendations that enhance detection, prevention, and response capabilities.
• Assist in maturing identity and access management practices, including privileged access governance and periodic access reviews.
• Contribute to the development, refinement, and communication of security policies, standards, and procedures.
• Assist with third party security assessments by sending security questionnaires and reviewing documentation, assisting with risk identification, and contributing to recommendations under guidance from senior security staff.
• Support and provide guidance to our colleague cyber security awareness programme, including training content, targeted campaigns, and staff engagement.
• Provide security input and guidance to project teams and business stakeholders, ensuring Secure by design principles are embedded within processes.
• Stay current with emerging threats, technologies, and industry trends, translating insights into actionable improvements.
• Contribute to operational readiness planning for The Championships, including scenario testing, tabletop exercises, and resilience planning.
• Undertake additional technical or security related responsibilities as agreed with senior staff members, where specialist expertise is required, including providing cover for defined operational tasks under the guidance of the Principal Security Specialist.

About you:

• 1–3 years of demonstrable experience in an information security role investigating security alerts and mitigating vulnerabilities.
• A Computer Science or Cyber Security Degree or equivalent professional experience and qualifications.
• Hands-on experience with security tools such as firewalls, antivirus, EDR technologies, vulnerability scanners and SIEM platforms.
• Understanding of core cybersecurity principles, common threats, and mitigation techniques.
• Understanding of cloud security concepts, particularly within Microsoft Azure environments.
• Understanding of core network principles (TCP/IP, routing, firewalls etc).
• Basic scripting or automation experience (e.g. PowerShell, Python, or KQL), or a willingness to learn scripting to support security operations and analysis.
• Knowledge of information security standards (e.g., ISO 27001, NIST).
• Strong analytical and problem-solving skills with attention to detail.
• Strong log analysis and investigation mindset, with the ability to review alerts and logs, identify patterns or anomalies, and support incident investigations.
• Effective communication and organisational skills, ability to work under pressure with the ability to collaborate effectively across technical and non-technical teams.
• Comfortable working autonomously under general direction while developing independent capability.
• Willingness to learn and develop within an information security career path, demonstrating curiosity and a proactive approach to staying informed about emerging threats and security best practices.
• Desirable – working towards, or interest in, industry certifications such as Security+, SC‑200, AZ‑500, or equivalent.