Graduate Security Analyst

At the Student Loans Company, we process almost 1.5 million student finance applications every year. We dedicate ourselves to supporting 9.4 million customers and administer a loan book valued at £227.5 billion.

Whether a customer is applying for student finance or repaying their loan we want to make their experience as easy as possible, at the same time as delivering the exceptional service that they deserve.

The Security department at SLC brings together a wide range of specialist teams, all working collectively to safeguard the organisation from threats and to protect SLC’s technical infrastructure and data at every level.
As a Graduate Cyber Security Analyst, you’ll play an important role in supporting day‑to‑day operational activity, contributing to continuous improvement work, and helping deliver key projects within Security or across wider business initiatives. As part of this 24‑month rotational programme, you’ll gain hands‑on exposure to critical business activities while developing core skills aligned to Cyber Security.

​You will contribute meaningfully to strengthening SLC’s security posture, rotating through different departments:

•  Security Operations,
• Engineering,
• Governance,
• Assurance,
• Identity,
• Risk

This variate experience will help you understand how each area works together to defend the organisation and manage threats proactively.

​Essential

Ability to;

• communicate and collaborate effectively with colleagues and customers by actively listening and delivering quality information timely
• manage, interpret, and use data to support decision making and drive effective outcomes
• use digital tools and technologies to communicate, access information, and solve problems
• identify, assess and manage risks to minimise potential impacts
• demonstrate readiness to new ways of working and remain effective in ambiguous situations while identifying opportunities for continuous improvement
• A clear interest in Cyber and Information Security
• Awareness of common security threats and the importance of common security concepts (RBAC, Encryption, Secure Protocols, Vulnerability Management, Logging and Monitoring etc) via education or experience
• Understanding and basic experience of infrastructure systems administration (UNIX, Windows) and common Networking protocols via education or experience
• Awareness of security frameworks and standards such as CAF, NIST, PCI DSS and OWASP via education or experience
• Effective problem-solving skills and attention to detail
• Ability to follow documented procedures and contribute to technical documentation

Desirable

• • Internship or placement experience in a related field
  • Industry recognised certifications relating to Information Security, cloud services or networking
  • Membership with a relevant professional body (e.g. ISC2, ISACA, BSC)

• Ability to triage, escalate and remediate security incident based on criticality
• An understanding of a wide range of security controls such as PAM, NAC, IAM, XDR etc
• Understanding of cloud platforms and their security features (AWS, Azure)
• Understanding of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy
• Awareness of Risk Management methodologies, and risk assessment techniques, e.g. risk appetite, gap analysis, control identification and implementation