Cyber Security Analyst

Department: Business Services - IT

Employment Type: Permanent

Location: Bristol

Purpose of the role: To monitor, maintain and advance the effective use of technical cyber security controls that are actively in use by DACB. To assist in the research, selection and deployment of new technical security controls for use by DACB. To support the firm’s safe advancement with new technology and ways of working by leading the design, creation and application of appropriate technical security policies. To advise on matters related to cyber security, such as in the support of procurement and project activity.

• Be responsible for daily operations activities (Tessian, Phisher, Knowbe4), Cyber support tickets.
• Assist the Cyber team with daily tasks and workloads
• Assist with compliance activities, security audits, third party supplier and client assessments.
• Assist with ongoing colleague education related to cyber security, helping with phishing simulations, awareness campaigns and ad-hoc queries that come into the team.
• Help ensure that processes are documented and communicated in language that is relevant and understandable to technical and non-technical audiences.
• Help support and deliver security initiatives as needed.
• Help raise the profile of security within the Business through pro‑active involvement with colleagues throughout the business.
• Help manage business security incidents, working closely with the Practice Governance and Risk Team and Business stakeholders.
• Help build and maintain formats for effective tracking and monitoring.
• Develop a good understanding of DACB’s regulatory and client/contractual obligations for cyber security, and the requirements of standards such as ISO27001, GDPR and Cyber Essentials Plus.
• Is also willing to take ownership on any other tasks and responsibilities as required

• Knowledge of basic concepts of Cyber Security, Information Security and Risk Management.
• Experience working in a similar Cyber Security/IT Security Analyst role is advantageous but not essential.
• Degree in a Cyber Security or related subject is advantageous but not essential.

• To have a genuine passion for Cyber Security and its technology, and a drive to continually develop professional and personal knowledge in this fast‑moving area.
• Be self‑motivated and able to work to a high standard under own initiative.
• Able to pay and maintain close attention to detail.
• Have sound analytical skills; able to think laterally and challenge existing concepts.
• Confidence to ask questions and contribute.
• Shows initiative looking for better ways of doing things
• Be a good and confident communicator at all levels.
• Have the ability to understand technical complexities and issues, and be able to explain and translate these to a less technical audience