IT Security Analyst (12m FTC)

BELONG. There’s no place like Principality.

Our home is your home. So, when you decide to join the team, we’ll go further to bring you the warmest of welcomes. From a friendly and inviting environment to a flexible benefit package designed around you – when it comes to belonging, there really is no place like Principality. We keep it flexible wherever possible; we encourage you to look after yourself; we do our bit in the communities we serve and support you in doing the same, and we promise to get better together.

Some reasons you may want to consider working with us; we have an award-winning flexible/hybrid working policy, we’re a 2022 winner of UK Best Large Workplaces for Women, we have a refurbished hi-tech office in the centre of Cardiff designed around colleague feedback, we ranked number 6 for wellbeing in 2022,  we have an extensive financial and well-being benefits package ‘’Belong’’ designed to put our people first, we have consistent colleague engagement scores of over 85% and a caring community of supportive Networks. But that’s not all, discover why there’s really no place like Principality; https://www.principality.co.uk/careers

We’re excited to offer a fantastic new opportunity for a Security Analyst to join our forward-thinking Security team on a 12-month fixed term contract.

This is a key role in safeguarding our digital infrastructure and ensuring the security of systems, networks, and data — both in the cloud and on-premises.

If you’re looking to be part of an organisation that values its people, invests in technology, and encourages professional growth this is the role for you and we would love to hear from you.

What you’ll be doing:

• Performing regular security control reviews and health checks
• Creating and enhancing measures to demonstrate effectiveness and coverage of security controls
• Maintaining and enhancing our cyber reporting framework, including implementing opportunities for automation of data collection and report creation
• Reviewing and updating incident response plans, procedures, and playbooks
• Reviewing and updating technical policies and procedures
• Assisting with internal and external security assessments and audits
• Supporting the investigation and management of security incidents, including root cause analysis, reporting, and identifying control improvements. 
• Contribute to regular security assessments and audits to identify vulnerabilities and weaknesses in systems, networks, devices, and applications.
• Maintain and monitoring key cyber security controls to ensure control performance is effective and appropriately evidenced for compliance, audit and assurance purposes
• Supporting the identification, management and closure of cyber security issues, audit actions and remediation plans to ensure timely resolution and control improvements
• Support technology teams in their work to ensure appropriate alignment, awareness and compliance with security policies, processes and controls.
• Working closely with technology teams to ensure a shared understanding of effective cyber security risk management processes and supporting the embedding of strong risk culture

Who we’re looking for:

• Pro-active self-starter who can identify and progress required activities
• Experience in cyber security risk, governance or assurance within a regulated environment
• Experience testing and assuring cyber security controls implementation, controls automation, risk frameworks, and audit responses
• Experience managing structured policy and process documentation
• Ability to interact with cyber security stakeholders, product owners and technical operational roles
• Familiarity with security frameworks such as NIST, CIS or ISO27001
• Relevant qualifications or experience in IT Security, GRC etc.
• Strong written and verbal communication skills, and data analysis skills
• Ideally you will have a strong understanding of SIEM tools, Windows OS management, Privileged Access management, Windows / Azure environments, and core security tooling applications and approaches.

We would love to hear from you if you already work in a similar role and looking for your next career move. Make 2026 the year for you.

Our most important asset is our people. We value a healthy work-life balance and currently offer a 35-hour work week with our hybrid approach enabling you to have a mix of office days and remote working.  

Your base location for this role will be our Head Office, Principality House, The Friary, Cardiff, CF10 3FA

If you have any questions in relation to this role, please contact the recruitment team at -recruitment@principality.co.uk

‘’We are passionate about creating an inclusive workplace where diversity is celebrated and where colleagues feel a sense of belonging’’ Nigel Taylor, Head of Brand, Impact & Communication. But don’t just take our word for it, see what our colleagues say about working here too; Careers (principality.co.uk)