Analyst - Cyber Security & Technology Governance

Location Merseyside
Discipline: Information Technology
Job type: Fixed Term
Salary: £33,583 - £41,416
Contact email: hrsupportteam@livvhousinggroup.com
Job ref: 003502
Published: 14 days ago
Duration: 12 months
Expiry date: 12 Oct 2025 23:59

Department: IT 

Reports To: Manager - Cyber Security

Directly Responsible For: N/A 

Hours: 37 hours per week

 

Overall team / department purpose

The IT team's core responsibilities are managing IT infrastructure, supporting software applications, and ensuring network and cyber security whilst taking the strategic lead on digital initiatives. We lead the charge in driving digital transformation across the business. This includes spearheading the adoption of innovative technologies, developing digital strategies to enhance operational efficiency, and leveraging data analytics to drive informed decision-making. The IT team are positioned at the forefront of digital innovation enabling us to thrive in an increasingly digital landscape. 

Key role priorities

This role supports the business’s cyber security posture and technology governance. It involves managing security operations, contributing to infrastructure oversight, and enabling responsible adoption of emerging technologies including AI. The role requires prior experience in cyber security, GRC, and infrastructure. It plays a key part in incident response, compliance, and strategic technology initiatives such as AI adoption.

Key working relationships

You will maintain key working relationships with business stakeholders to understand requirements and ensure that solutions are implemented with security at the heart. You collaborate closely with IT Leads, infrastructure and application teams to ensure security is embedded across systems and services.  You will ensure our business remains compliant and meets is regulatory requirements. You will be part of the incident response team for both cyber and business continuity; working to mitigate breaches and restore operations.

Main duties & responsibilities

*        Ensure timely resolution or escalation of service desk requests/incidents; communicating promptly on progress, and handling our customers with a consummately professional attitude.

*        Act as a key contributor to threat monitoring, cyber incident response and business continuity.

*        Maintain and update security playbooks, SOPs, and incident documentation.

*        Monitor and manage operational security tools including Mimecast, security event monitoring, endpoint protection (Sophos), M365 security and compliance configurations and vulnerability scanners.

*        Collaborate with infrastructure teams on firewall rule reviews, network segmentation, asset management, and patching schedules.

*        Support Microsoft Purview configuration, IAM, and data governance activities within the M365 ecosystem.

*        Contribute to security architecture reviews and provide input on secure design principles for new systems and services 

*        Assist with compliance efforts including Cyber Essentials, NIST CSF, and ISO27001.

*        Contribute to awareness training, phishing simulations, and user education.

*        Participate in forensic investigations and post-incident reviews.

*        Support cyber security focussed governance, risk, and compliance (GRC) activities including:

o   Maintaining and evolving the ISMS

o   Supporting internal audits and risk assessments

o   Tracking and reporting on compliance posture

*        Stay informed on emerging technologies including AI, cloud, and automation.

*        Support governance and risk assessments for new technology implementations.

*        Support the rollout and adoption of Microsoft Copilot across our business, including configuration, policy alignment, and user enablement.

*        Contribute to the governance of AI technologies, ensuring responsible use, data protection compliance, and alignment with ethical standards.

*        Assist in developing and maintaining AI-related security controls, including access management, data classification, and monitoring.

*        Collaborate with business units to identify use cases for AI tools and support secure implementation and integration into workflows.

*        Monitor AI-related risks, including data leakage, model misuse, third-party AI integrations, and contribute to mitigation strategies.

*        Support onboarding and assurance activities for new vendors and partners.

*        Assist in reviewing third-party security controls, supply chain risks and monitor vendor compliance with security standards or contractual obligations.

*        Assist with monitoring and reporting on cyber security related matters to leadership teams.

*        Complete any other tasks commensurate with the level and nature of the post as delegated by the role’s line manager.

Key measures of success

*        Timely and effective response to cyber incidents, with documented post-incident reviews and improvements.

*        Security tooling, playbooks, and SOPs maintained and aligned with evolving threat landscape and business policies.

*        Compliance with internal and external frameworks (e.g. Cyber Essentials, ISO27001, NIST CSF) demonstrated through audit readiness and reporting.

*        Successful rollout and adoption of Microsoft Copilot and other AI technologies, with measurable user engagement and governance controls in place.

*        Constructive collaboration with infrastructure, application support, and business teams to embed security into systems and processes.

*        Effective vendor onboarding and assurance, with supply chain risks identified, tracked, and mitigated.

*        Delivery of awareness training and phishing simulations, with improved user resilience and reduced risk metrics.

*        Contribution to strategic technology initiatives, including secure design input, cloud security, and digital transformation.

*        Regular reporting of cyber metrics and risk posture to leadership, supporting informed decision-making and board-level assurance.

*        As part of the broader team, ensure that all users are continually provided with an effective and timely support service for issue resolution.

Livving our values

Livv’s a place with opportunities to grow. We believe in empowering you to make a positive impact in your own unique way. Our values embody what matters to us and show what it means to be Livv, together: 

Making a difference daily

We invest in our people, our customers and in the creation of a fairer society.

Positively open

We’re open to feedback at all times, as we strive to deliver a first-class customer experience.

Forging the right way

We’re creating an inspiring road which others will want to follow.

Together as one

Our teams work on another level of cohesiveness to enable us to deliver better outcomes.

Each one of us

*        listens to our customers and makes their needs a priority

*        is committed to equality, diversity and inclusivity

*        takes a flexible approach and works where we’re needed

*        follows health and safety guidelines to keep ourselves, colleagues, and customers safe

*        helps reduce risks by proactively communicating any potential issues to our line managers

*        protects sensitive information by safeguarding customer, colleague and third-party data

*        is guided by our policies, procedures and social aims

*        is dedicated to continual learning and taking ownership of our personal and professional development.

 

Person Specification

E - Essential criteria / D - Desirable criteria 

Education & Qualifications

Degree or equivalent relevant qualification or experience in computer science, security or a related subject with a significant component of IT (E)

Professional technical qualification or certification such as MCP, CISSP, Security+ etc. (D)

Experience

Previous successful experience in a similar role (E)

Good knowledge of network security, and the cyber threat landscape (E)

Experience of IT governance and compliance standards (For example Cyber Essentials, NIST CSF and ISO 27001) (E)

Experience with cloud security principles and controls across SaaS, PaaS, or IaaS environments. (D)

Experience working with third-party vendors and supply chain assurance (D)

Experience investigating cybersecurity incidents and undertaking reporting/remedial action as required (D)

Experience contributing to or maintaining an ISMS (D)

Experience supporting security audits or certification processes (D)

Awareness of AI technologies and their security implications (D)

Experience supporting AI-related technologies or platforms such as Microsoft Copilot, including configuration, governance, and user enablement initiatives (D)

Previous successful experience in infrastructure (D) 

Skills, knowledge & ability

Good knowledge of optimising and managing security and IAM toolsets such as antivirus / endpoint protection, Office 365 Security & Compliance, Entra ID Management and vulnerability management platforms (E)

Knowledge of multifactor authentication (MFA) architectures and Role-based Access Control (RBAC) implementations to best practices (E)

Excellent communication skills (oral and written), including the ability to have effective, proactive two-way flow of jargon-free communication with all system users (E)

Ability to keep abreast of all relevant IT developments to enable continuous improvement in service delivery (E)

Excellent interpersonal skills, including the ability to develop and maintain constructive working relationships (E)

Ability to think long term and take a long-term view of services (E)

Scripting or automation (e.g Powershell / Python) (D)

Personal characteristics

An organised approach to work, including prioritising own work and that of others whilst working under pressure (E)

Demonstrate a passion for cyber security, implementation and governance. (E)

Calm, driven and resilient (E) 

Results and customer focused (E) 

Other

A flexible approach to hours worked - role may require some out of hours requirements (E)

Able to travel independently to other locations (E)

 

Give Get Go  

As part of our commitment to the Give Get Go Programme, we will ensure that applicants who meet all essential criteria, as defined in the person specification, will be guaranteed the opportunity to demonstrate their abilities at interview. Individual’s names will be confirmed with the Give Get Go Programme.   

Should you wish your application to be considered under this scheme, please  email us confirming this, along with your full name and the role you have applied for when you submit your application. Please ensure that you do this before the closing date for the vacancy.  

Equality and Inclusion  

Please visit here  to read more about Livv inclusive and our approach to equality and inclusion.  

Disability Confident  

The Equality Act protects disabled people from discrimination, and we welcome applications from disabled people. The Equality Act defines a disabled person as someone who has a physical or mental impairment which has a substantial and adverse long-term effect, usually at least 12 months, on their ability to carry out day to day activities.  

We will try to provide access, equipment, or other practical support to ensure that disabled applicants are not disadvantaged by their disabilities.  

Data Protection  

We fully recognise your rights under current Data Protection Laws and are committed to protecting the privacy and security of your personal information. We collect and process personal data relating to applicants to manage the recruitment process effectively, including for statistical purposes.  

For full details please see our Job Applicant Privacy Policy   

If you require any additional support when completing your application, please  contact us