Cyber Security Analyst

KCOM is a company committed to community, innovation, and commitment, providing broadband services since 1904. The Cyber Security Analyst will play a vital role in protecting the company's information and systems by identifying cyber risks, monitoring security threats, and ensuring compliance with security standards.

Responsibilities

• Identify, assess and report cyber security and privacy risks in line with KCOM’s risk management framework
• Develop, maintain and support information security policies, standards and procedures
• Operate and monitor security technologies including SIEM, vulnerability scanning tools, EDR/XDR and other security platforms
• Manage vulnerability scanning, penetration testing and remediation activities, working closely with delivery and network teams
• Investigate and respond to security incidents, from detection and analysis through to containment, recovery and lessons learned
• Maintain incident response playbooks and support business continuity and disaster recovery planning
• Monitor emerging cyber threats, technologies and best practice relevant to the telecoms sector
• Produce clear, accurate cyber security metrics and performance reports for stakeholders
• Support compliance with recognised frameworks and standards such as ISO 27001, Cyber Essentials Plus and NCSC CAF

Skills

• Experience or strong familiarity with cyber security governance, risk management and compliance activities
• Exposure to security monitoring, vulnerability management and incident response processes
• Knowledge of common security technologies such as SIEM, firewalls, IDS/IPS, EDR/XDR, vulnerability scanners, phishing simulation tools and cloud security (ideally Microsoft Azure)
• Understanding of security frameworks and standards such as ISO 27001, Cyber Essentials Plus, NIST, NCSC CAF or CIS
• Strong written and verbal communication skills, with the ability to engage both technical and non‑technical stakeholders
• Ability to manage multiple priorities, work under pressure and contribute to continuous improvement
• A recognised cyber security qualification, such as a Level 4 Cyber Security Apprenticeship or equivalent
• Confidence using Microsoft tools including Word, Excel and PowerPoint
• Certifications such as CompTIA Security+, CySA+, Certified SOC Analyst (CSA), Microsoft SC‑900, Certified in Cybersecurity (CC) or GSEC
• Experience working in IT infrastructure, network operations or technical support environments
• Knowledge of cloud security principles, particularly within Microsoft Azure

Benefits

• 28 days holidays plus bank holidays
• Excellent Pension Scheme with generous employer contributions
• Volunteering days
• Life Assurance and Income Protection
• Corporate Discount schemes
• We support hybrid and remote working
• A variety of health, wellbeing and lifestyle benefits to choose from

Company Overview