Cookies — it's your choice

At Bright Network we use cookies and similar technologies to help deliver you the best possible experience. Some are necessary to help our website work properly and can't be switched off, and some are optional but support Bright Network in building and running the service that we provide to you.

You can find out more in our privacy policy at any time by going to the link in our footer.

    1. Home
    2. Graduate Jobs
    3. Technology & IT Infrastructure
    4. Information Security Analyst 2024
    Lock Applications for this job are now closed
    Closing soon

    We are an award-winning multidisciplinary built environment consultancy, employing over 1100 people across 11 locations throughout the UK. Our vision is to help our clients to create better places for people to live, learn and work.

    At Ridge, our people are the foundation of our success, and our greatest asset. They drive our vision and embody our values. Our people are what separate us from the competition and we never lose sight of this. We offer not just a job, but a journey. We believe in commitment, and the value of a stable, long-term career path. We challenge our people to be the best they can be and help them grow with training and support.

    Due to the continued growth and associated success of Ridge, the Technology team is growing in capacity to meet demand & service across the company. We are looking for a talented Information Security Analyst to sit within the Ridge Technology team. You would join at an exciting time of growth in the wider company especially in the Technology team, where investment is being made to match the needs due to the success of the business.

    Role and Responsibilities

    We are looking for someone with a real passion for information/ cyber security, who has the desire and willingness to learn and grow. We are interested in applicants who have established experience in Information Security, or people who are eager to enter the field for the first time and grow into the role. This person will play a crucial role within the wider Technology team, supporting the new Head of Information Security to ensure our information systems and data are protected from threats. Responsibilities will cover both technical (with access to the latest security tools) and non-technical (governance, risk, and compliance). No two days will be the same!

    Responsibilities will include liaising and working with the 24/7/365 Managed Detection and Response (MDR) service, to identify, manage and resolve security alerts and incidents. You will also be performing internal vulnerability scans, understanding the data to identify real risk to the firm, and then working with system owners to remove that risk. In addition, the role will take on responsibility for implementing and maintaining information security standards and measures to protect our infrastructure, systems & informationAs part of this, the role will be key in ensuring we renew our current (Cyber Essentials Plus & ISO27001) & future accreditations. This will require exceptional communication to internal stakeholders across the company at all levels, whilst maintaining a solid, governed technical foundation. As part of the newly formed Information Security team, the role will form a central part of both risk management & user enablement at Ridge helping to change the way Technology is perceived and used across the business.

    Finally, the role will work closely and in collaboration with the wider, technology team internal to Ridge, the current IT service provider, business stakeholders and end users to support and promote information security at all levels. Excellent communication skills will be critical to successfully collaborate with all stakeholders and ensure success.

    What you need to do to be effective in this role

    • Work with the MDR provider to analyse security alerts & incidents to identify impact & rectify threats
    • Perform vulnerability assessments to identify potential gaps and weaknesses
    • Conduct or assist in security audits to assess compliance
    • Input into & help manage the wider IT risk register holding other areas to account on mitigation plans
    • Input into Change Approval Board (CAB) to ensure governance and security is applied to all change
    • Identify and suggest improvements in Information Security to the Head of Information Security & the wider business
    • Help understand and develop key Information Security value, measures (KPI and OKRs) and targets in our business & ability to show how the function contributes to our overall business objectives
    • Input into the enterprise’s security architecture design to assess current & future requirements
    • Interpret data to understand the headline conclusions to support actionable recommendations
    • Liaise with both internal and external stakeholders'
    • Remain informed on trends and issues in the security industry, including emerging threats
    • Create and maintain security documents (policies, standards, baselines, guidelines, and procedures)
    • Maintain & improve the enterprise’s Business Continuity Plan and Disaster Recovery Plan
    • Maintaining key process documentation for information security
    • Promote and drive a culture of security awareness & compliance across the organisation

    Experience and Skills Required

    • Educated to Degree level within a STEM subject (preferably Computer Science, Information Security or equivalent) would be advantageous but not essential within this role
    • Gained relevant experience within an IT / Technology role, ideally in Information Security
    • Strong working knowledge & understanding of Cyber Essentials Plus & ISO27001:2022
    • Relevant accreditation such as CISM, CISSP or CompTIA Security+ desirable, but not required
    • Strong working knowledge of SaaS platforms such as Microsoft365 and ITSM tooling (Halo preferred)
    • Good working knowledge of appliable data privacy practices and laws
    • Previous exposure to IT service governance, risk, and compliance methodologies
    • Excellent written and verbal communication skills with an ability to communicate effectively with colleagues and non-technical stakeholders
    • Ability to present ideas in business-friendly and user-friendly language
    • Ability to effectively prioritise and execute tasks in a fast-paced environment

    Don’t quite tick all the boxes here? Don’t worry, we still want to hear from you! Our team is growing and we also have an opportunity for a more Junior InfoSec Analyst, so please apply, we would love to receive your application.

    What’s in it for you?

    Our people are our business – our vision is to be ever progressive, expanding our expertise and nurturing our talent through Quality, Innovation & Growth, to achieve our strategic outcomes:

    • Growth which fuels ideas and opportunity for all
    • Purposeful and meaningful work
    • Continual development and mentoring
    • Empowerment, inclusivity and respect
    • Happiness and enjoyment
    • Openness, honesty and integrity
    • Acting as one team

    Benefits

    Your reward is focused on your total wellbeing, with a package to support all aspects of life. In addition to your salary, you can expect:

    • A healthy holiday balance of 25 days, plus bank holidays & the ability to buy / sell to suit you
    • 3 days a year to give your time to others, volunteering for great causes

    An inclusive wellbeing offer:

    • Financial – Life Assurance, Pension Scheme (3% Employee, 6% Employer), Income Protection, Salary Sacrifice Car Scheme, flexible choice of Critical Illness Insurance
    • Physical – Private Medical Insurance, Doctor at Hand Private GP, Best Doctors, flexible choice of Dental Plan, Cycle to Work Scheme, GymFlex & Healthcare Cash Plan
    • Mental – Mental Health First Aiders, Help@Hand by Unum
    • Where eligible, a generous car allowance and a performance bonus scheme
    • A flexible approach to hybrid working, to suit both you & your team
    • Tailored career development – focused on professional, personal and/or educational