Senior Cyber Risk Analyst

Senior Cyber Risk Analyst | Infrastructure & Security Risk | World Renowned Arts Institution

• Location:
  
  London (hybrid)
• Working pattern: 36 hour working week with flexible start/finish times.
• Note:
  
  Visa sponsorship is not available for this role

A world-renowned arts and cultural institution is looking to hire a Cyber Risk Analyst to strengthen its information security capability during a period of ongoing technology and security maturity.

You’ll be joining a sizeable technology function operating at real scale, supporting thousands of devices, over a thousand end users, and systems critical to an organisation welcoming millions of visitors each year. This role is focused on real-world cyber risk, not box-ticking, working closely with senior security leadership to assess infrastructure, networks, systems and third parties as they actually operate.

It’s a newly shaped role with genuine scope to influence how cyber risk is understood, assessed, and improved across the organisation.

• Security qualification such as CompTIA Security+,
  CISSP
  , CISM
  , CEH
  , or equivalent,
• 3-4 years’ practical experience in cyber security risk, technical assurance, or IT audit roles
• Networking fundamentals knowledge including ports, firewalls, segmentation, and isolation
• Ability to assess real technical risk, not just control statements or policies
• Confidence working with non-security teams to challenge assumptions and improve outcomes

• SIEM tooling including Microsoft Sentinel and Log
  360
• Cyber risk assessments across infrastructure, networks, systems and a wide variety of software applications
• Network architecture, firewall rules, segmentation, and access controls
• Third-party and supply chain risk reviews
• Risk registers, remediation tracking, and maturity assessments
• Collaboration with infrastructure, support, compliance, and security teams

• Background in SOC
  , infrastructure, or technical security roles
• Exposure to penetration testing concepts (understanding how testing works, not hands-on delivery)
• Experience improving immature or overly compliance-led risk processesli>
• Familiarity with public sector or highly regulated environments
• Security certifications (or working towards one)

• Move cyber risk away from “tick-box” audits into meaningful technical assurance
• Play a key role in improving how risk assessments are performed across the organisation
• Influence security maturity during an ongoing cyber capability review
• Work directly with senior security leadership and have genuine input into decisions
• Join a team that values critical thinking, curiosity, and asking better questions

• 28 days annual leave
• Season ticket loan
• Cycle to Work scheme
• Heavily subsidised staff canteen
• 36-hour working week with flexible start and finish times

Senior Cyber Risk Analyst | Infrastructure & Security Risk | World Renowned Arts Institution