
How your CV stacks up
Upload your CV to see how well it fits this job role
?%
Reporting to the Group Security Operations Manager, the purpose of the IT Security Analyst is to assist with maintaining and enhancing our IT infrastructure and carrying out information security related tasks.
You'll work directly with the Group SecOps Manager to keep our ISMS, ISO 27001 and security posture in good shape, and act as the first point of triage for security incidents in UK working hours before escalation.
We are seeking a motivated and detail-oriented IT Security Analyst to join our team. In this role, you will be responsible for performing regular scheduled IT security tasks, audits, reviews and validation of security controls in accordance with our established policies and procedures. The IT Security Analyst will play a critical role in safeguarding our organisation's information assets and ensuring compliance with applicable regulations.
The role provides a great opportunity to build on existing experience and take a career in IT Operations, Security and Support to the next level in the Idox, working in a forward-thinking environment with a team around them that’s passionate about technology and innovation.
Key Responsibilities:
- Perform regular IT and security tasks, such as vulnerability/patch assessments, log monitoring, user and group security management and security incident response.
- Conduct periodic manual and automated audits and reviews of IT and security controls to identify vulnerabilities, weaknesses, and non-compliance with established policies.
- Assist in the development, implementation, and maintenance of IT security policies, procedures, and standards across all business functions, divisions and products.
Security operations & monitoring
- Triage alerts from our standard toolsets, escalate genuine incidents to L2/3 and the SOC per runbook.
- Support vulnerability management through Qualys (VMDR/WAS) and Wiz.io — scanning, validation, trending, and progressing remediation with product and technical owners.
Incident response (triage & coordination)
- Maintain a list of key Incident response members/roles for rapid mobilisation.
- Review initial evidence provided to triage newly reported incidents and mobilise and coordinate Incident Response / Investigation teams.
- Maintain incident records, timelines and post-incident notes in the ticketing system to support reporting and ISMS evidence.
Audit, compliance & ISMS support
- Support ISO 27001, ISO 22301 and Cyber Essentials Plus activity - evidence gathering, control walkthroughs, non-conformance tracking, and remediation chasing.
- Run periodic manual and automated control reviews against established Idox policies and standards.
- Maintain ISMS records in SharePoint; support internal audit and external assessor sessions.
- Support customer and regulatory assurance responses (VAQs, due-diligence questionnaires) via the assurance workflow
Reasons to use Rodeo
I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?
Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.
Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.
Start with a chat, not a search bar
Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.
Graduate Consultant — 2026 Scheme
Why you're a good match
StrongYour economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.
See breakdownIt searches the market for you
Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.
Why you're a good match
You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.
Experience fit
Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.
Only hits
No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.
Vendor & third-party assurance
- Run the day-to-day vendor assurance queue: triage requests, request artefacts, log outcomes in the assurance tool.
- Operate SecurityScorecard and equivalent tooling for ongoing third-party monitoring; escalate material issues.
User awareness & phishing
- Operate the phishing simulation platform, track results and feed into the awareness programme.
- Monitor security training completion and chase outstanding actions.
Tooling & continuous improvement
- Work across the Idox security estate (Defender XDR, Entra ID, Intune, Purview), Qualys, Wiz.io, Security Scorecard, InsightIDR and our phishing simulation platform.
- Identify and implement small operational improvements — automation, dashboards, runbook updates.
Who Should Apply?
This is a fantastic opportunity to work in a growing Idox environment with excellent career progression available.
- With a global client base the role offers an opportunity to experience a wide variety of digital transformation projects – each with their own unique requirements and opportunities.
- We take career progression seriously, with investment into new and existing employee learning and development.
- You will have the flexibility to work from home, in the office or remotely.
Skills and Qualifications:
- HNC/D or above in Computer Science, Information Security, or a related field. Relevant certifications (e.g., CompTIA Network+/Security+, Cloud/Server Administration)
- Some knowledge of common IT security frameworks and standards such as ISO 27001, PCI DSS, UK GDPR, NIST Cybersecurity Framework, or CIS Controls.
- Some familiarity with security assessment tools and technologies, such as vulnerability scanners, SIEM systems, and intrusion detection/prevention systems.
- Exposure to cloud technologies and systems (AWS, Azure, Office 365, etc.)
- Understanding of network protocols, operating systems, and common security vulnerabilities.
- Good analytical and problem-solving skills, with the ability to identify, assess, and mitigate security risks effectively.
- Good written and verbal communication skills, with the ability to clearly articulate complex technical concepts to both technical and non-technical stakeholders.
- Strong attention to detail and the ability to work independently and collaboratively in a team environment.


Get help with your application
Your very own career expert that helps elevate your application to the next level.
To be successful, you should bring:
- 2–3 years' hands-on experience in IT security, security operations, or a strong IT support background with demonstrable security exposure.
- Working knowledge of ISO 27001, Cyber Essentials Plus and one or more of NIST CSF, ITIL, PCI DSS, UK GDPR.
- Comfortable triaging incidents under pressure, with sensible judgement on when to escalate.
- Firm understanding of application design principles including OWASP best practices.
- Clear written communication - incident notes, audit evidence, vendor assurance responses.
- UK-based with the right to work in the UK
About Idox
Our specialist software solutions power the performance of government and industry, driving productivity and a better experience for everyone. Built around the user and designed in collaboration with experts who have worked through every detail of every process from end-to-end, our hard-working process engines deliver exceptional functionality and embed workflows that drive efficiency and best practice with a long-term focus for regulated environments.
Through the automation of tasks, the simplification of complex operations, finding scalability as operations evolve, and more effective management of information, we help our customers harness the power of Digital, so they can do more.
We employ 750+ staff in the UK and worldwide, including Europe, North America and Asia, so some travel to meet colleagues may be required.
How to apply
Please apply following the link provided via the recruitment channel/ website, or if you cannot see a link, apply via Join.Us@idoxgroup.com where the Talent Acquisition team will review your application. As a result of high candidate volumes, please understand we cannot reply to individual applications, except when shortlisted for interview.
Also, please note successful applicants will need to satisfy the BPSS guidelines (Baseline Personnel Security Standards) which consist of the receipt of satisfactory references covering the last 3 years of employment; an identity check; verification of eligibility to work in the UK; and a Basic Disclosure Check. This is in order to help us make safer recruitment decisions.
Privacy notice
As part of the recruitment process, we will collect data about you in a variety of ways including the information you would normally include in a CV or a job application cover letter, or notes made by our recruiting officers during a recruitment interview.
Please read our Recruitment Data Privacy Policy here: https://www.idoxgroup.com/policies
“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”
Jessica, London
Skills
Location