Senior Cyber Risk Analyst

Senior Cyber Risk Analyst | Infrastructure & Security Risk | World Renowned Arts Institution

\n
• Salary: £50,000 - £60,000
\n
• Location: London (hybrid)
\n
• Working pattern: 36 hour working week with flexible start/finish times.
\n
• Note: Visa sponsorship is not available for this role
\n

The Role
A world-renowned arts and cultural institution is looking to hire a Cyber Risk Analyst to strengthen its information security capability during a period of ongoing technology and security maturity.

You’ll be joining a sizeable technology function operating at real scale, supporting thousands of devices, over a thousand end users, and systems critical to an organisation welcoming millions of visitors each year. This role is focused on real-world cyber risk, not box-ticking, working closely with senior security leadership to assess infrastructure, networks, systems, and third parties as they actually operate.

It’s a newly shaped role with genuine scope to influence how cyber risk is understood, assessed, and improved across the organisation.

Non-Negotiables

\n
• Security qualifixation such as CompTIA Security+, CISSP, CISM, CEH, or equivalent,\n
\n
• 3-4 years’ practical experience in cyber security risk, technical assurance, or IT audit roles
\n
• Networking fundamentals knowledge including ports, firewalls, segmentation, and isolation
\n
• Ability to assess real technical risk, not just control statements or policies
\n
• Confidence working with non-security teams to challenge assumptions and improve outcomes
\n

What You’ll Work With

\n
• SIEM tooling including Microsoft Sentinel and Log360
\n
• Cyber risk assessments across infrastructure, networks, and systems
\n
• Network architecture, firewall rules, segmentation, and access controls
\n
• Third-party and supply chain risk reviews
\n
• Risk registers, remediation tracking, and maturity assessments
\n
• Collaboration with infrastructure, support, compliance, and security teams
\n

Nice to Haves

\n
• Background in SOC, infrastructure, or technical security roles
\n
• Exposure to penetration testing concepts (understanding how testing works, not hands-on delivery)
\n
• Experience improving immature or overly compliance-led risk processes
\n
• Familiarity with public sector or highly regulated environments
\n
• Security certifications (or working towards one)
\n

Why Join / Projects

\n
• Move cyber risk away from “tick-box” audits into meaningful technical assurance
\n
• Play a key role in improving how risk assessments are performed across the organisation
\n
• Influence security maturity during an ongoing cyber capability review
\n
• Work directly with senior security leadership and have genuine input into decisions
\n
• Join a team that values critical thinking, curiosity, and asking better questions
\n

Employee Benefits

\n
• 28 days annual leave
\n
• 10% employer pension contribution (no employee contribution required)
\n
• Season ticket loan
\n
• Cycle to Work scheme
\n
• Heavily subsidised staff canteen
\n
• 36-hour working week with flexible start and finish times
\n

Senior Cyber Risk Analyst | Infrastructure & Security Risk | World Renowned Arts Institution