IT Security Analyst Location : Mallusk, Belfast Salary : Competitive plus benefits Contract Type : Full Time, Permanent Build your Future with Us! Are you an experienced IT Security Analyst with a true passion for excellence looking to take your career to the next level? At McLaughlin & Harvey we position our people for success and have built a culture on collaboration. We are seeking an experienced IT Security Analyst to enhance our team and drive success across our high value projects. This is an exciting time to join McLaughlin & Harvey due to a planned departmental expansion we have opportunities for growth and progression within the team. Why join us? Exciting Projects – Work on varied sector projects and leave a lasting legacy Career Growth – Clear progression pathways and continuous professional development Collaborative Culture – Be part of a team that values innovation, integrity, and a commitment to excellence Competitive Package – Enjoy a competitive salary, great benefits with flexible and hybrid working options What you will be doing Developing a thorough understanding of McLaughlin & Harvey's IT environment and enterprise applications, you will be responsible for the operational management of the Company's Information Security Management System and ensuring that our IT governance, risk management, and compliance measures are effective and implemented. The role will support the implementation and maintenance of security controls across the group, aligned with our cyber security policy, group security metrics, and external certification requirements. A key part of the role will involve ensuring that we maintain our current ISO 27001:2022 and Cyber Essentials Plus certifications, as well as contributing to any future certifications. Your key duties and responsibilities will include: Respond to security incidents and system alerts generated within security monitoring tools. Stay informed on cybersecurity trends, issues, and emerging threats, and help promote a culture of security awareness and compliance across the group. Conduct vulnerability assessments to identify potential gaps and weaknesses and propose suitable improvements. Contributing to the maintenance and continuous improvement of our ISMS to make sure systems are as secure as possible. Create and maintain security documents (policies, standards, baselines, guidelines, and procedures). Maintain & improve Business Continuity and Disaster Recovery plans. Contribute to the IT risk register and mitigation plans. Ensure Endpoint security compliance, including Mobile Device Management. Organise audits, external and internal vulnerability scans, web, infrastructure and application penetration tests and ensure remediation of any issues. Assisting with ISO27001 & Cyber Essentials Plus certifications and GDPR compliance. Provide ad-hoc assistance in monitoring and maintaining IT infrastructure (servers, networks, & endpoints). Monitor and report on service metrics to ensure expected service levels are maintained. What We’re Looking For Degree qualified within a STEM subject (preferably Computer Science, Information Security or equivalent) or a minimum of 3 years’ experience in a similar role. Experience Strong candidates will be self-motivated, well-organised, and able to evidence success within a similar role. Candidates should possess the ability to communicate effectively with technical and non-technical colleagues at all levels in the organisation. Essential Previous experience within a cyber / information security role. Strong knowledge and understanding of security risk assessment, including security testing principles and tools. Network, operating system, application and organisational security concepts. An investigative and analytical nature with a focus on ensuring the organisation is as secure as possible. Experience in developing policy and procedural documentation to support governance and compliance. Security tools (Email filtering, antivirus, MDR, patch management). Microsoft 365 suite (Teams, Outlook, Entra ID, Exchange). Desirable Windows server environments (Active Directory, DNS). Understanding of key security technology such as firewalls, proxies, SIEM, and IDPS concepts Experience with security frameworks and standards, including ISO27001 and Cyber Essentials Plus. Datacentre experience (server installation, troubleshooting, cabling). Networking (firewalls, switches & access points). Familiarity with ITIL principles and standards. How to Apply: If you’re ready to take the next step in your career with a company that values your expertise and innovation, we’d love to hear from you! Apply by clicking apply below. Join us on our journey to BuildingTogetherUnlockingPotential McLaughlin & Harvey are an equal opportunities employer who are committed to providing a workplace free from discrimination or harassment. We expect every employee to care and commit to their contribution to the cultivation and maintenance of an environment where everyone has the opportunity to feel included and is afforded the respect and dignity they deserve. Decisions relating to recruitment, salary, training, evaluating performance, or termination are made fairly, and we provide equal employment opportunities to all qualified candidates and employees. We examine our unconscious biases and take responsibility for always striving to create a collaborative and inclusive environment that makes every employee and candidate feel welcome. As a Disability Confident employer we are committed to inclusive and accessible recruitment where we will provide all reasonable adjustments at interview stage and beyond and commit to extending an interview to disabled candidates who meet the minimum job role requirements.