Senior Cyber Analyst

This range is provided by JLA Group. Your actual pay will be based on your skills and experience — talk with your recruiter to learn more.

Direct message the job poster from JLA Group

JLA is a mission critical infrastructure solutions business offering services Laundry, Catering, Heating, Fire Safety, Infection Control and Air Conditioning.

The company offers an end-to-end, on premise, machine supply and breakdown service proposition under the name Total Care, and additional products and services. JLA is driven by a world class Sales & Marketing engine, owns and maintains all assets, and has an efficient on-site operations team working with daily with customers.

We're seeking a Cyber and Compliance Analyst to join our IT System Administration team. Reporting to the Head of Infrastructure, you'll be responsible for maintaining the security and compliance of our IT infrastructure and systems. You'll work closely with system administrators to ensure our servers, networks, endpoints, and IT services meet security standards and regulatory requirements while supporting business operations effectively.

• Security Management - design and maintain security controls across our IT infrastructure, including servers, networks, databases, and endpoint devices.
• Manage security tools such as firewalls, intrusion detection/prevention systems, antivirus solutions, and endpoint protection platforms.
• Monitor security logs and alerts, investigating potential security incidents and coordinating response activities alongside the wider team.
• Conduct regular vulnerability assessments and periodic penetration testing, working with the system administration team to remediate identified issues.
• Compliance Management - maintain our compliance posture across relevant frameworks such as ISO 27001, SOC 2, NIS2, Cyber Essentials and GDPR.
• Develop and maintain IT policies, procedures, and controls that align with regulatory requirements and best practices.
• Coordinate internal and external audits, preparing evidence of controls and working with auditors to demonstrate compliance.
• Conduct regular compliance assessments of IT systems and processes, identifying gaps and implementing corrective actions.
• Access Control and Identity Management - manage user access controls and permissions across IT systems, ensuring the principle of least privilege is maintained.
• Oversee identity and access management processes, including user provisioning, de-provisioning, and access reviews.
• Implement and maintain multi‑factor authentication and privileged access management solutions.
• Conduct regular access audits to ensure appropriate segregation of duties.
• System Hardening and Patch Management - develop and enforce system hardening standards based on industry benchmarks such as Cyber Essentials, CIS or NIST guidelines.
• Coordinate with system administrators to ensure timely deployment of security patches and updates.
• Maintain configuration management databases and ensure systems are configured securely.
• Monitor system configurations for drift and non‑compliance with established baselines.
• Training and Awareness.
• Act as the primary point of contact for security and compliance matters within the IT department, providing guidance and training to staff on security best practices and compliance requirements.
• Develop and maintain security documentation, runbooks, and procedures for the IT team.
• Run phishing simulation/campaigns across the wider business, reporting on outcomes and driving corrective behaviours.

• Bachelor’s degree in computer science, Cybersecurity, Information Systems, or related field, or equivalent practical experience.
• 3+ years of experience in cybersecurity, IT security, compliance, or system administration roles.
• Strong understanding of IT infrastructure including Windows and Linux server environments, Active Directory, networking, and databases.
• Knowledge of compliance frameworks such as ISO 27001, SOC 2, NIST, Cyber Essentials, or PCI‑DSS.
• Experience with security tools including SIEM, vulnerability scanners, endpoint protection, and firewalls. Experience with the Microsoft security stack is an advantage.
• Experience with compliance tools such as Microsoft Purview and practical experience in adopting these to improve information security.
• Knowledge of cloud infrastructure security, specifically for Azure.
• Exposure to Zero Trust Network Architectures - experience with Entra Private Access is a particular benefit.
• Understanding of network security concepts including firewalls, VPNs, IDS/IPS, and network segmentation.
• Familiarity with backup and disaster recovery procedures.
• Strong analytical and problem‑solving skills.
• Excellent communication skills with the ability to work effectively with technical teams and explain security concepts clearly.

• Experience of Hypervisors (VMware, Hyper‑V).
• Relevant certifications such as CISSP, CISM, Security+, CISA, or system‑specific certifications (MCSE, RHCE).
• Familiarity with ITIL or other IT service management frameworks.
• Previous experience conducting internal audits or working with external auditors.
• Understanding of encryption technologies and PKI infrastructure.

When you join the JLA family, you'll also gain access to an extensive benefits package. We care about our people and take your well‑being seriously, which is why we offer a range of supportive tools for health and wellbeing, financial guidance, and legal advice. Our Employee Assistance Programme, 24/7 Wellness and Lifestyle App plus a dedicated team of Mental Health First Aiders are there to support you through life's challenges. We also offer up to 8 counselling sessions, which can be in‑person or remote, providing you with the support and flexibility to suit your own personal needs. You can reach any fitness goals with our free onsite gym at head office along with a range of other gym membership discounts available.

To offer financial support, we not only provide life assurance coverage, company sick pay, and a company pension scheme, we offer a range of added benefits such as free office parking, eye care vouchers, a cycle‑to‑work scheme, and exclusive discounts through our staff benefits hub.

We really pride ourselves in offering a healthy work‑life balance and believe it is important to have time away to recharge which is why we provide 25 days of annual leave plus bank holidays, flexible working options, and enhanced family leave policies.

We are a company that appreciates you and invests in your success and even have a Colleague Recognition Scheme to celebrate your achievements. We're dedicated to your growth, offering support in career development and training. We value your referrals, and through our Refer a Friend scheme, you can earn up to £1,000 in bonus rewards!

Mid‑Senior level

Full‑time

Information Technology

Facilities Services

Manchester, England, United Kingdom