Cyber Security Analyst | Provide CIC
| Posting date: | 07 April 2025 |
|---|---|
| Salary: | Not specified |
| Additional salary information: | £46,148 - £52,809 per annum |
| Hours: | Full time |
| Closing date: | 07 May 2025 |
| Location: | Colchester, CO4 9YQ |
| Company: | Provide CIC |
| Job type: | Permanent |
| Job reference: | 7126052/828-PROVIDE3475 |
Summary
The Cyber Security Analyst is responsible for the identification and handling of threats, both internal and external, to the security of Provide and Provide group companies. The Cyber Security Analyst will be expected to research and identify cutting edge techniques and technologies which will strengthen the organisation’s cyber security position.
TheCyber Security Analystwill work closely with theTechnology Security and Cloud Leadand Director of IT & Systems to ensure all areas of the Environment are maintained and developed to high standards, security is of the highest priority and part of the role will be to analyse gaps, recommend and implement improvements.
A strong knowledge of security hardening techniques, exploit mitigation and security incident management is essential and will be utilised when planning upcoming projects and BAU activities.
• Provide strategic and technical expertise to design, implement, and manage advanced cybersecurity solutions.
• Analyse security events and investigate security alerts, resolving or escalating appropriately.
• Document security incidents, identifying process and tooling improvements.
• Conduct security assessments through vulnerability testing and risk analysis.
• Perform root-cause analysis of security breaches.
• Develop and refine incident response playbooks.
• Utilise threat intelligence to identify attack scale, type, and affected systems.
• Act as primary contact for logging and managing security incidents and events.
• Assist with internal and external audits, preparing required information.
• Create and maintain security procedure manuals.
• Promote cybersecurity awareness across the organisation.
• Stay informed about legal, regulatory, and technological cybersecurity developments.
• Communicate complex technical issues clearly to technical and non-technical stakeholders.
• Use diplomacy and negotiation skills when agreeing priorities with senior management and suppliers.
• Deliver technical presentations and training on cybersecurity topics.
• Independently plan workload, make decisions, and implement improvements within organisational policies.
• Act as lead specialist, resolving complex cybersecurity problems autonomously.
• Assist with induction and professional development of junior team members.
• Allocate tasks and oversee junior staff workload planning.
Provide is a Community Interest Company (social enterprise). We deliver a broad range of health and social care services in the community, and are committed to making sure that they are safe, responsive and of high quality. Provide is owned by its employees and has primarily social objectives. Any profits we make are reinvested into the local community or back into delivering services.
We work from a variety of community settings, such as community hospitals, community clinics, schools, nursing homes and primary care settings, as well as within people’s homes to provide more than 40 services to children, families and adults across Essex, Dorset, East Anglia and the North of England.
A highly respected, award winning health and social care provider. We expect our staff to demonstrate and uphold our values at all times:
Vision: Transforming Lives
Values: Care, Innovation and Compassion
Mission: An ambitious, employee owned social enterprise, growing in size and influence. We transform lives by treating, caring and educating people.
Provide is an equal opportunity employer committed to building a team that represents a variety of backgrounds, perspectives and skills, proud to have LGBT+, Ethnic Minority and Men’s Networks.
We welcome applicants from underrepresented groups. If you have the skills and experience for the job, please apply regardless of your background.
Operational or Strategic Responsibilities
• Provide analytical, strategic, and technical skills to design, develop, implement, and use state-of-the-art technology cybersecurity solutions aimed at reducing risk.
• Analysing security event data arising from activity across the organisation with the goal of detecting malicious activity.
• Investigating security alerts and incidents generated by security tools within the organisation, resolving or escalating as appropriate.
• Producing documentation relating to the processing of alerts and incidents which includes the identification of improvements to processes and/or tooling.
• Conducting security assessments through vulnerability testing and risk analysis.
• Analysing security breaches to identify the root cause.
• Define and mature ‘playbooks’ for response to cyber threats.
• Use threat intelligence to pinpoint scale of the attack, the type of attack and systems affected.
• Provide incident response for confirmed security incidents.
• Be the point of contact for Security incidents, events and requests and ensure all are logged.
• Assist with any internal and external audit requirements and collate information as necessary to respond to any queries where appropriate.
• Creation and maintenance of procedure manuals.
• Promoting Security awareness across the business.
• Understand legal & regulatory requirements and procedures in place relating to Security.
• Actively remain informed about new and evolving technological and cyber security change, including working towards and obtaining relevant professional certifications.
Communication and Relationship Skills
• Use of tact and diplomacy when dealing with customers and suppliers.
• Use of negotiation skills when setting and agreeing priorities with senior managers, e.g. when prioritising developments, agreeing system designs or new processes.
• Give technical presentations and training on complex IT issues.
• Communication of a range of complicated, detailed and difficult to explain multi-stranded IT issues to both peers and non-IT staff and suppliers.
• Communication of complex IT issues and solutions with staff at various levels across the trust and to external technical teams, this requires excellent written and verbal communication skills.
Autonomy
• Ensure their own training is up to date.
• Keep up to date with national guidance and Provide policies, highlighting any required changes to the department’s manager.
• Plan own workload and activities to meet project deadlines and provide user support.
• Ability to work unsupervised and make decisions without referring to a manager to achieve agreed objectives.
• Review, propose, develop and implement processes for own area of work.
• Act as a lead specialist in own area of work.
• Using knowledge gained through formal learning and work experience to make judgements on how to most effectively resolve IT problems where there may be a range of options.
• Work within broad policies and national guidance that may require interpretation due to the complexity and technical nature of the guidance.
Responsibility for Human Resources/Supervision or Management of others
• Assist with the induction of new members of staff.
• Supporting the development of more junior members of the team.
• Deliver training on a range of IT subjects to other members of the IT Team.
• Allocates work to more junior members of staff.
• Plans workload within own area of work.
Responsibility for Finance/Resources or Budget
• Ordering and receipting of IT hardware and software which can often be of high value.
• Responsible for the proper and safe use of IT equipment by users.
Use of Information Resources
• Responsible for the planning, development, review, update and introduction of IT infrastructure and server related projects, e.g. implementation of new servers.
• Ensuring databases are kept up to date and maintained to a high quality, this will include the Configuration Management Data Base.
• Entering data into a range of IT systems and auditing this data when required.
• Production of reports.
• Using analytical skill for the production of statistics on the performance of the department and suppliers for the service managers, these may be circulated to Provide’s board members and Senior Management Team.
• Email, telephone and face to face communication with customers and suppliers.
• Making modifications and repairs to IT software, hardware and code.
• Development of training materials and processes.
Responsibility for Patient Care
There is no responsibility beyond ‘incidental contact’ with patients.
This advert closes on Monday 14 Apr 2025
Proud member of the Disability Confident employer scheme
Disability Confident
About Disability Confident
A Disability Confident employer will generally offer an interview to any applicant that declares they have a disability and meets the minimum criteria for the job as defined by the employer. It is important to note that in certain recruitment situations such as high-volume, seasonal and high-peak times, the employer may wish to limit the overall numbers of interviews offered to both disabled people and non-disabled people. For more details please go to Disability Confident.