The IT team's core responsibilities are managing IT infrastructure, supporting software applications, and ensuring network and cyber security whilst taking the strategic lead on digital initiatives. We lead the charge in driving digital transformation across the business. This includes spearheading the adoption of innovative technologies, developing digital strategies to enhance operational efficiency, and leveraging data analytics to drive informed decision-making.
The IT team are positioned at the forefront of digital innovation enabling us to thrive in an increasingly digital landscape. Key role priorities: This role supports the business's cyber security posture and technology governance. It involves managing security operations, contributing to infrastructure oversight, and enabling responsible adoption of emerging technologies including AI.
The role requires prior experience in cyber security, GRC, and infrastructure. It plays a key part in incident response, compliance, and strategic technology initiatives such as AI adoption. Key working relationships: You will maintain key working relationships with business stakeholders to understand requirements and ensure that solutions are implemented with security at the heart.
You collaborate closely with IT Leads, infrastructure and application teams to ensure security is embedded across systems and services. You will ensure our business remains compliant and meets its regulatory requirements. You will be part of the incident response team for both cyber and business continuity; working to mitigate breaches and restore operations.
Main duties & responsibilities
* Ensure timely resolution or escalation of service desk requests/incidents; communicating promptly on progress, and handling our customers with a consummately professional attitude.
* Act as a key contributor to threat monitoring, cyber incident response and business continuity.
* Maintain and update security playbooks, SOPs, and incident documentation.
* Monitor and manage operational security tools including Mimecast, security event monitoring, endpoint protection (Sophos), M365 security and compliance configurations and vulnerability scanners.
* Collaborate with infrastructure teams on firewall rule reviews, network segmentation, asset management, and patching schedules.
* Support Microsoft Purview configuration, IAM, and data governance activities within the M365 ecosystem.
* Contribute to security architecture reviews and provide input on secure design principles for new systems and services
* Assist with compliance efforts including Cyber Essentials, NIST CSF, and ISO27001.
* Contribute to awareness training, phishing simulations, and user education.
* Participate in forensic investigations and post-incident reviews.
* Support cyber security focussed governance, risk, and compliance (GRC) activities including: maintaining and evolving the ISMS, supporting internal audits and risk assessments, tracking and reporting on compliance posture
* Stay informed on emerging technologies including AI, cloud, and automation.
* Support governance and risk assessments for new technology implementations.
* Support the rollout and adoption of Microsoft Copilot across our business, including configuration, policy alignment, and user enablement.
* Contribute to the governance of AI technologies, ensuring responsible use, data protection compliance, and alignment with ethical standards.
* Assist in developing and maintaining AI-related security controls, including access management, data classification, and monitoring.
* Collaborate with business units to identify use cases for AI tools and support secure implementation and integration into workflows.
* Monitor AI-related risks, including data leakage, model misuse, third-party AI integrations, and contribute to mitigation strategies.
* Support onboarding and assurance activities for new vendors and partners.
* Assist in reviewing third-party security controls, supply chain risks and monitor vendor compliance with security standards or contractual obligations.
* Assist with monitoring and reporting on cyber security related matters to leadership teams.
* Complete any other tasks commensurate with the level and nature of the post as delegated by the role's line manager.
Key measures of success
* Timely and effective response to cyber incidents, with documented post-incident reviews and improvements.
* Security tooling, playbooks, and SOPs maintained and aligned with evolving threat landscape and business policies.
* Compliance with internal and external frameworks (e.g. Cyber Essentials, ISO27001, NIST CSF) demonstrated through audit readiness and reporting.
* Successful rollout and adoption of Microsoft Copilot and other AI technologies, with measurable user engagement and governance controls in place.
* Constructive collaboration with infrastructure, application support, and business teams to embed security into systems and processes.
* Effective vendor onboarding and assurance, with supply chain risks identified, tracked, and mitigated.
* Delivery of awareness training and phishing simulations, with improved user resilience and reduced risk metrics.
* Contribution to strategic technology initiatives, including secure design input, cloud security, and digital transformation.
* Regular reporting of cyber metrics and risk posture to leadership, supporting informed decision-making and board-level assurance.
* As part of the broader team, ensure that all users are continually provided with an effective and timely support service for issue resolution.
Requirements
* Degree or equivalent relevant qualification or experience in computer science, security or a related subject with a significant component of IT.
* Professional technical qualification or certification such as MCP, CISSP, Security+ etc.
* Previous successful experience in a similar role.
* Good knowledge of network security, and the cyber threat landscape.
* Experience of IT governance and compliance standards (For example Cyber Essentials, NIST CSF and ISO 27001).
* Experience with cloud security principles and controls across SaaS, PaaS, or IaaS environments.
* Experience working with third-party vendors and supply chain assurance.
* Experience investigating cybersecurity incidents and undertaking reporting/remedial action as required.
* Experience contributing to or maintaining an ISMS.
* Experience supporting security audits or certification processes.
* Awareness of AI technologies and their security implications.
* Experience supporting AI-related technologies or platforms such as Microsoft Copilot, including configuration, governance, and user enablement initiatives.
* Previous successful experience in infrastructure.
Skills, knowledge & ability
* Good knowledge of optimising and managing security and IAM toolsets such as antivirus / endpoint protection, Office 365 Security & Compliance, Entra ID Management and vulnerability management platforms.
* Knowledge of multifactor authentication (MFA) architectures and Role-based Access Control (RBAC) implementations to best practices.
* Excellent communication skills (oral and written), including the ability to have effective, proactive two-way flow of jargon-free communication with all system users.
* Ability to keep abreast of all relevant IT developments to enable continuous improvement in service delivery.
* Excellent interpersonal skills, including the ability to develop and maintain constructive working relationships.
* Ability to think long term and take a long-term view of services.
* Scripting or automation (e.g Powershell / Python).
Personal characteristics
* An organised approach to work, including prioritising own work and that of others whilst working under pressure.
* Calm, driven and resilient.
* Results and customer focused.
The Equality Act protects disabled people from discrimination, and we welcome applications from disabled people. The Equality Act defines a disabled person as someone who has a physical or mental impairment which has a substantial and adverse long-term effect, usually at least 12 months, on their ability to carry out day to day activities.
#J-18808-Ljbffr