Lead Security Analyst

We are looking for an enthusiastic and detail-oriented Lead Security Analyst to join our growing information security and data protection team. This is an ideal role for someone who has a strong foundation in information security and data protection and would like to take the next step in helping to lead and develop a small team. The Lead Security Analyst is a mid-level position responsible for overseeing the day-to-day activities of other analysts working on information security and data protection activities. You will be responsible for managing the workload and tasks of security analysts, ensuring that security and data protection tasks like risk assessments, remediation efforts, and policy development are carried out effectively. The Lead Security Analyst will play a key role in delivering the information security and data protection strategy, managing related projects, and ensuring the team is aligned with organisational goals. This is a full-time position with supervisory, training, and mentoring responsibilities. Occasional after-hours work may be required for incident response or urgent security tasks. Successful candidates will be offered the opportunity to enrol on a fully funded Level 7 cyber security apprenticeship (MSc) and will be provided with mentoring support to help you grow and learn. Responsibilities: 1. Team Leadership & Supervision:

• Supervise and manage a team of analysts, assigning tasks, and ensuring work is completed efficiently and to a high standard.
• Provide mentorship, training, and career development support for junior and mid-level analysts.
• Conduct regular performance reviews and provide feedback to team members.
2. Workload & Task Management:
• Oversee the daily operations of the security team, ensuring that assessments, vulnerability remediation, and security policy development are executed on time.
• Prioritise tasks and coordinate with cross-functional teams to meet deadlines.
3. Advanced Security Assessments & Reporting:
• Lead high-level risk assessments, security audits, and vulnerability management efforts.
• Ensure risk and control assessments and findings are documented clearly and communicated to management.
• Provide expert guidance on mitigating information security and data protection risks improving the organisation's security posture.
• Ensures the completion of security and data protection assessments from clients in a timely manner.
4. Policy & Standards Development:
• Lead the creation, implementation, and review of information security and data protection policies, procedures, standards, and guidance, ensuring they are aligned with industry best practices and compliance requirements.
• Provides expert assistance to business stakeholders to help them implement privacy policies and ensure privacy by design and by default in company operations.
• Ensures the mapping of data, and the completion of Data Protection Impact Assessments.
5. Configuration Reviews:
• Lead detailed configuration reviews of systems, networks, and applications.
• Work with cross-functional teams to ensure that security configurations meet established standards.
6. Incident Response:
• Support the incident management leads, helping to coordinates the response to security incidents, including data breaches, system compromises, or attacks.
• Deputise for incident management leads when necessary.
7. Application Security:
• Work with development teams to embed secure coding practices.
• Conduct regular security assessments of the company's software, including the proprietary products sold to clients.
8. Security Oversight:
• Contribute to the development and execution of the organisation's information security and data protection strategy.
• Stay updated on the latest threats and trends and incorporate this knowledge into the organization's information security and data protection posture.
9. Collaboration & Communication:
• Provide security and data protection guidance to internal stakeholders, ensuring security and data protection considerations are incorporated into development and operational practices and best practices are followed across the organisation.
• Mentor and support junior analysts, assisting in their professional development.
  
  Bachelor's degree in Cybersecurity, Information Technology, or a related field, or equivalent experience.
• 4+ years of experience in information security or a related field, with at least 2 years in a mentoring, supervisory, or leadership role.
• CISSP, CISM, CEH, or similar certifications in security leadership are preferred, but not essential.
• Strong experience with security frameworks, risk assessments, vulnerability management, and security incident response.
• Strong technical expertise in security tools, technologies, and methodologies.
• In-depth knowledge of security frameworks and best practices (e.g., NIST, ISO 27001).
• Excellent leadership and team management skills, including proven ability to manage teams and lead security initiatives.
• Exceptional problem-solving, investigative, decision-making, and analytical abilities.
• The adaptability to do a range of work, sometimes complex and non-routine, in different environments
• The ability to work under direction, use discretion, and determine when to escalate issues.
• Strong written and verbal communication skills, with the ability to interact effectively with both technical and non-technical stakeholders.
  
  We champion and welcome diversity in our workforce and ensure all job applicants receive equal and fair treatment, regardless of age, race, gender or gender identity, religion, sexual orientation, disability, or nationality.
We are not only committed to increasing the visibility and recognition of talent from under-represented groups within our organisation, but the wider industry too. At the end of the day, we make sure we take time to look after ourselves, each other, and the planet, because we're always stronger together. ITG have a number of community groups (ERGs) available to employees which offer a safe space for like-minded colleagues, with shared interests to connect, socialise and check in with each other. These include Black ITGers Together, LGBTQ+ Together, Mens Health Together, Muslims Together, Neurodiversity Together, Working Parents and Carers Together and Women In Tech Together. What next?

Work's a treat! On top of a competitive salary, you can expect a whole load of perks:
• 25 days' holiday + bank holidays - we understand the importance of you getting some down time.
• Annual Wellbeing Day - enjoy an additional day on us to look after your physical and mental wellbeing.
• Pension Scheme - helping you save towards your retirement home in the sun!
• Corporate Medical Cash Plan - claim back the cost of your medical treatments.
• Smart Working Options - spend up to 40% of your working week from home.
• So many savings - through our online community platform, you can access dozens of daily deals, from money off top brands to discounts on days out.
• Employee Assistance Programme - our people are at the heart of everything we do, so if you're happy, we're happy.
• Cycle to Work Scheme - save on the cost of biking to work.
• Monthly Employee Awards - Employee of the Month programme with £250 bonus
• Raising money for charity including a paid Volunteer Day - we're all about giving back… and having lots of fun in the process!
• Referral scheme - know the perfect person to join the team? You could bag £1,500 for a putting a good word in.
• Wellbeing Programme - giving you the opportunity to join regular, interactive Wellbeing Workshops or join our 30 plus Wellbeing Champions.
• Enhanced Family Friendly Leave - support for you and your family to help you navigate through the craziness of family life.
We Value Diversity