Job Description:

Security and Governance Analyst

£26,021 - £28,912 per annum

Fareham

Permanent, Full Time 

JOB PURPOSE 

The Security and Governance Analyst role provides very important support to the IT team and the wider organisation. They would work closely with the IT Manager and our security partners to ensure the security and integrity of Two Saints information systems and infrastructure. Responsible for collaborating on policies, procedures, and administering controls to protect sensitive data from cyber threats and ensure compliance with regulatory requirements, reporting performance back to the IT Manager, Performance and Executive teams. 

MAIN RESPONSIBILITIES 

In conjunction with the IT Manager, build a constructive relationship with Two Saints’ principal IT suppliers to ensure that the contracted standards of service and support are met 

Work together with these suppliers to ensure that Two Saints’ ICT Security policies are applied and followed correctly 

Regularly review the security preparedness of our supply chain 

Work with the Learning and Development Manager and the HR team to establish a minimum standard of cyber awareness skills for Two Saints’ staff – assess the quality of both internal and external trainers with the delivery of training and awareness through learning platforms and internal communication 

In conjunction with Systems & Applications Support and Network Support colleagues, maintain accurate records of software licences, equipment types and locations etc.   

Ensure the organisation maintains a good level of IT security by evaluating risks and solutions. Continue to implement and develop solutions in line with ongoing threats 

Assist in ensuring the organisation remains GDPR compliant and provide support for subject access requests and destruction of data in line with data governance 

Support the IT Manager to review and maintain data governance policies and Data Loss Prevention (DLP) using Microsoft compliance tools 

Oversee daily security checks and carryout any follow up action required 

Reporting to the IT Manager, maintain security standards by ensuring operating system patches and hardware/firmware updates are applied across the network 

Ensure all documents, processes and procedures for the ICT team are kept updated 

Create and develop required reports for the organisation, including producing monthly and quarterly reports for the senior management teams. Responsible for using the organisations preferred reporting tools to produce meaningful reports 

Working with the IT Manager, support and implement risk management processes to identify and mitigate IT risks. 

Regular auditing and monitoring of IT systems to ensure data integrity, security, and compliance. 

Support the IT Manager to ensure that IT projects and operations comply with internal and external policies, regulations, and standards. 

Work with the IT Manager to design and implement frameworks and procedures to ensure IT security and governance aligns with organisational objectives. 

Staying informed about the latest IT trends and advancements to inform cyber strategies and policies. 

This role has business continuity responsibilities

ROLE REQUIREMENTS

This role may require a standard disclosure and barring service check. 

This role will require a full drivers’ licence and access to a vehicle  

This role will require you to work flexibly across several sites  

EXPERIENCE AND QUALIFICATIONS

ESSENTIAL CRITERIA  

Achieving Cyber Essentials / CE+ 

Working with Security Frameworks 

Awareness of Operational Risk Management Processes 

Experience of Project Working 

CompTIA Security+, Certified Information Security Manager or equivalent 

Experience working with data protection and compliance 

DESIRABLE CRITERIA 

3rd Party Management, particularly with MSP’s and CSOC’s 

Designing Cyber Security Awareness Programmes for internal staff awareness 

KNOWLEDGE AND SKILLS

ESSENTIAL CRITERIA  

GDPR Compliance 

Hardware firmware and Microsoft patching requirements 

Asset Management 

Management Reporting 

Microsoft Defender 

PCI-DSS 

DESIRABLE CRITERIA (experience of) 

NHS DSP Toolkit 

NIS2 

ISO27001 

Microsoft Sentinel (or other SIEM solution) 

Microsoft Purview 

Strategy creation 

We reserve the right to close our adverts early if a successful candidate is found, so please submit your application as soon as possible.

Two Saints is committed to safeguarding and safer recruitment. We carry out pre--employment checks such as DBS checks, Overseas police checks (where appropriate), reference checks, and CV gap querying for all new staff members.

About Us

We offer support to people who are homeless, vulnerable or at risk of becoming homeless and need help rebuilding their lives for a brighter future. Our services include safe, flexible and reliable client led housing and support with a focus on reducing homelessness, improving health and wellbeing and building on individual’s skills and resilience to break the cycle of homelessness, poverty and exclusion.

We work in partnership with multiple agencies and authorities to deliver support and accommodation needs across Berkshire, Hampshire, Isle of Wight and Dorset.

We are dedicated to safeguarding all young people and adults with our services. We follow safer recruitment practices for all our vacancies to assure that all successful candidates are suitable to work with our clients.

We’re committed to creating an inclusive and diverse workforce that embodies our values and promotes a tolerant and respectful environment where everyone can feel empowered to succeed.

We welcome and encourage applications from people of all backgrounds and will support with any reasonable adjustments needed during the recruitment process.