The Opportunity The Senior Analyst (Digital Forensic) / ICT Security Specialist is responsible for safeguarding an organisation’s information syste..
The Opportunity
The Senior Analyst (Digital Forensic) / ICT Security Specialist is responsible for safeguarding an organisation’s information systems and networks from cyber threats, attacks, and unauthorised access. Acting on behalf of our subsidiary business, Forensic IT, this position involves monitoring, assessing, and implementing security measures to protect client’s digital assets, ensuring compliance with relevant security policies, regulations, and best practices.
The Senior Analyst (Digital Forensic) / ICT Security Specialist will play a key role in identifying vulnerabilities, responding to security incidents, and supporting the development of cybersecurity strategies to enhance the organisation's security posture.
Responsibilities
Cybersecurity Management:
• Monitor, assess, and manage security threats and vulnerabilities across IT infrastructure (networks, systems, applications).
• Conduct regular security assessments, penetration tests, and vulnerability scans.
• Analyse and respond to security incidents, including identifying causes and mitigating risks.
• Develop and implement security policies, procedures, and controls to protect digital assets.
• Manages and leads client projects
Incident Response & Investigation:
• Lead or support investigations of security breaches or incidents, and take corrective actions as necessary.
• Coordinate incident response activities, including containment, eradication, recovery, and post-incident analysis.
Security Monitoring & Threat Intelligence:
• Use security tools (e.g., SIEM, IDS/IPS, firewalls) to continuously monitor the security of systems, applications, and networks.
• Collect and analyse threat intelligence to proactively address emerging security risks.
• Maintain awareness of the latest cybersecurity trends, vulnerabilities, and threat actors.
Risk Management & Compliance:
• Assess and mitigate cybersecurity risks associated with business operations, third-party vendors, and emerging technologies.
• Ensure compliance with relevant security standards, laws, and regulations (e.g., GDPR, HIPAA, PCI DSS).
• Prepare and assist in audits related to cybersecurity practices.
• Undertakes complex casework.
Security Awareness & Training:
• Develop and deliver security training and awareness programs for staff to promote good cybersecurity hygiene.
• Advise the organisation on security best practices, user access controls, and safe data handling procedures.
Collaboration & Reporting:
• Work closely with IT, development, and other departments to ensure security is integrated into all aspects of business processes.
• Report on the status of security efforts, incidents, and initiatives to senior management.
• Manages multi-disciplinary casework teams/assignments and /or projects.
• Negotiates with internal and external stakeholders, peers and industry bodies
Continuous Improvement:
• Regularly evaluate and improve the organisation’s security infrastructure, recommending new tools, technologies, and practices.
• Stay current with the latest cybersecurity trends, threats, and technologies to ensure proactive security measures are in place.
Requirements
Education: Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. Certifications such as CISSP, CISM, CEH, or CompTIA Security+ are highly desirable.
Experience:
• 3+ years of experience in ICT security, network security, or related fields.
• Hands-on experience with firewalls, intrusion detection/prevention systems, antivirus software, and other security technologies.
• Experience in conducting security audits and vulnerability assessments.
• Strong understanding of IT infrastructure, operating systems, networking protocols, and security best practices.
Skills:
• Excellent knowledge of security frameworks (e.g., NIST, ISO 27001).
• Proficiency with security monitoring tools (SIEM, IDS/IPS).
• Strong troubleshooting, problem-solving, and incident response skills.
• Ability to communicate complex security concepts to non-technical stakeholders.
• Familiarity with cloud security and securing hybrid IT environments.
• Strong written and verbal communication skills.