Cyber Security and Compliance Analyst Ref : 1929

School/department: IT Services
Hours: full time or part time hours considered up to a maximum of 1 FTE. Requests for flexible working options will be considered (subject to business need).
Contract: permanent 
Reference: 1929 
Salary: starting at £33,797 to £40,322 per annum
Placed on: 21 August 2019 
Closing date: 30 September 2019.  Applications must be received by midnight of the closing date. 
Expected interview date: September / October
Expected start date: As soon as possible.

Job description

This is an exciting time to join the University of Sussex, supporting us on a new journey of digital transformation. As a Cyber Security and Compliance Analyst you will be playing a crucial role in supporting the implementation of new standards of excellence in cyber security.

You will be responsible for:

  • Working to ensure that cyber security risks are identified and managed before they can become an issue
  • Monitoring threats and risks to University digital systems, ensuring remediation is followed in a timely way
  • Supporting the cyber security improvement programme, including working to achieve Cyber Essentials Plus accreditation in the short term and ISO 27001 accreditation in the future
  • Carrying out audits and risk assessments that support the University’s digital strategy
  • Supporting wider University efforts around GDPR and PCI-DSS compliance

 You will:

  • Use a range of tools and techniques to carry out regular checks to identify any potential or actual cyber security threats
  • Review security incidents as they are raised and assess the most appropriate way for them to be addressed
  • Work with the Cyber Security Lead to identify and carry out activities necessary to achieve and maintain Cyber Essentials Plus certification
  • Work with colleagues to complete and assure continued compliance with Payment Card Industry Data Security Standard (PCI-DSS)
  • Carry out periodic reviews and assessments to ensure continued compliance with any achieved security standards
  • Ensure that vulnerability and penetration testing activities are successfully carried out

 You will have:

  • An excellent working knowledge of the cyber threat landscape including emerging threats, risks and vulnerabilities
  • A working knowledge of cyber security legislation and standards such as GDPR, Cyber Essentials, PCI-DSS, ISO 27001
  • Skills in identifying, analysing and remediating security issues
  • Excellent interpersonal skills including the ability to communicate complex technical information to both technical and non-technical audiences
  • Demonstrable experience of cyber security tools, information security technologies and best practice processes
  • Industry qualifications such as CISM, CompTIA, PCI ISA or similar would be highly desirable

 The University of Sussex values the diversity of its staff and students and we welcome applicants from all backgrounds.

Download job description and person specification Ref 1929 [PDF 91.58KB]

How to apply

Download our professional services application form [DOC 183.00KB] and personal details and equal opportunities form [DOC 162.50KB] and fill in all sections.

You must email your completed application, and personal details and equal opportunities form, to

You should attach your application form and all documents to the email (don't use a web-based upload/weblink service) and use the format job reference number / job title / your name in the subject line.

You can also send your application by post to Human Resources Division, Sussex House, University of Sussex, Falmer, Brighton, BN1 9RH.

Download our terms and conditions summary for Administrative Staff and Other related faculty [DOC 37.00KB]
