Cyber Security Analyst/Lead

Overview Join Chambers and Partners as our next Cyber Security Analyst/Lead, a pivotal role at the heart of our commitment to safeguarding information and maintaining trust. You’ll lead the development and delivery of our information security programme, protecting our systems, data, and digital assets from evolving threats. This is an exciting opportunity to drive key security initiatives, oversee cutting-edge technologies, and ensure compliance with leading industry frameworks within a globally respected organisation. Equal Opportunity Statement

We are committed to fostering and promoting an inclusive professional environment for all of our employees, and we are proud to be an equal opportunity employer. Diversity and inclusion are integral values of Chambers and Partners and are key in our culture. We are committed to providing equal employment opportunities for all qualified individuals regardless of age, disability, race, sex, sexual orientation, gender reassignment, religion or belief, marital status, or pregnancy and maternity. This commitment applies across all of our employment policies and practices, from recruiting and hiring to training and career development. We support our employees through our internal INSPIRE committee with Executive Sponsors, Chairs and Ambassadors throughout the business promoting knowledge and effecting change.

Applicants who identify as Disabled and/or Neurodiverse will be entitled to an interview if they meet the minimum criteria as specified in the Job Description, additionally we will offer reasonable adjustments to those who require them. Some examples of reasonable adjustments are extra time in assessments, video interviews to combat travel-based issues and advice on expected interview topics/questions.

Main Duties and Responsibilities

1. Security Strategy & Governance: 

  • Develop, implement, and maintain the organization's information security strategy, policies, standards, and procedures in alignment with business objectives and regulatory requirements. 

  • Lead the development and implementation of an Information Security Management System (ISMS), based on ISO 27001 

  • Conduct regular security risk assessments, identify vulnerabilities, and recommend appropriate mitigation strategies. 

  • Stay up-to-date with the latest cybersecurity threats, trends, technologies, and best practices. 

  • Provide expert advice and guidance on information security matters to various stakeholders across the organization. 

2. Security Operations & Incident Response: 

  • Oversee the day-to-day operation of security systems and tools, including firewalls, intrusion detection/prevention systems (IDS/IPS), antivirus, anti-malware, SIEM (Security Information and Event Management), vulnerability scanners, and data encryption solutions. 

  • Manage vulnerability management programs, including regular scanning, penetration testing, and remediation of identified weaknesses. 

  • Lead and manage security incident response, including detection, analysis, containment, eradication, recovery, and post-incident review. 

  • Develop and maintain robust disaster recovery and business continuity plans related to information security. 

  • Monitor security alerts, logs, and reports for suspicious activity and potential threats. 

3. Compliance & Audit: 

  • Ensure the organization's adherence to relevant information security regulations, laws, and industry standards (e.g. HIPAA, PCI DSS, NIST, CIS, ISO 27001, Cyber Essentials+). 

  • Coordinate and participate in internal and external security audits, provide evidence, and ensure timely remediation of audit findings. 

  • Develop and implement security awareness training programs for all employees to foster a security-conscious culture. 

  • Manage third-party security risk assessments and ensure vendor compliance with security requirements. 

4. Infrastructure Security: 

  • Collaborate with IT Operations and Infrastructure teams to ensure security is embedded in the design, implementation, and maintenance of all IT infrastructure, including cloud environments (e.g., Azure, AWS, GCP), networks, servers, and endpoints. 

  • Manage access controls, identity management (e.g., Entra ID/Azure AD), and privileged access management (PAM) systems. 

  • Manage access control processes to 3rd party applications, and 3rd party relations.  

  • Oversee the patching and configuration management of all systems and applications to reduce the attack surface. 

5. Management & Leadership: 

  • As this role develops, we expect the need for a dedicated team of security professionals. This position will then be responsible for the team’s service delivery, including leadership, mentoring, and general support of team tasks. 

  • Manage relationships with third-party security vendors and service providers. 

  • Prepare and manage the IT security budget, ensuring optimal allocation of resources. 

  • Communicate security risks, incidents, and performance metrics to senior management and other stakeholders. 

  • Drive continuous improvement initiatives within the information security function. 

Skills and Experience

  • Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent practical experience). 

  • Demonstrable experience in information security. 

  • Experience creating Cyber Security roadmaps. 

  • Strong understanding of information security principles, frameworks (e.g., ISO 27001, NIST, Cyber Essentials), and best practices. 

  • Hands-on experience with security technologies such as firewalls, SIEM, IDS/IPS, vulnerability scanners, endpoint detection and response (EDR), and identity management solutions. 

  • Experience with cloud security (e.g., Azure Security). 

  • Proven experience in managing security incidents and conducting incident response. 

Apply Now
Apply Now

Job Details

Company
Chambers and Partners
Location
London, South East, England, United Kingdom
Employment Type
Full-Time
Salary
Competitive salary
Posted