Security Analyst

Bournemouth, England, United Kingdom

8/6/2025

Job Description

Twenty7tec transforms financial advice through technology. We partner with businesses of all sizes who share our ambition to simplify, streamline and digitise financial services in the mortgage and wealth markets. All our partners are different, so our technology can be customised to meet both the needs of the business and the needs of the client. As such, we need talented people to join our growing team and are excited we have new opportunities to do so.

We currently have an amazing opportunity for a Security Analyst to join our friendly team. 

In this role, you will ensure the security of systems, data, and cloud environments through technical expertise, practical implementation, and cross-functional collaboration. The role leads the operationalisation of the organisation’s security strategy—including the adoption of the NIST Cybersecurity Framework and preparation for ISO/IEC 27001 certification by 2027. Strong technical proficiency with Microsoft 365 and Azure, engagement with development teams, and a pragmatic approach to modern cloud security are essential.

About Us
The power and benefits of great financial advice are unquestionable. Twenty7tec, through our Velocity platform, is committed to designing and building exceptional technology that supports mortgage, protection, and wealth advisers in delivering exceptional client outcomes. Our technology is used by advisers, lenders, product providers, and financial institutions to underpin the effective delivery of financial advice to millions of consumers in the UK. On a daily basis, over 16,000 mortgage, protection and wealth advisers utilise our Velocity platform.

Twenty7tec is a diverse employer, and we understand that everyone is unique. If you require additional information or reasonable adjustments to help you with your application or interview, we would be very happy to assist. If your application is successful and you are invited to an interview, we will provide you with an information sheet giving insight into our interview process, so you know what to expect.

Recruitment Process
Applications for this role may require a short online assessment to establish competency in certain skill areas. If your application is successful, you will be invited to a short telephone screening call with a member of our HR team. This is an informal conversation to find out a little more about you and your expectations ahead of potentially moving on to a formal interview. If you are invited to an interview, this may be carried out at our Bournemouth office, or online via a video call depending on your location. Interviews are conducted with the line manager for this role. A second interview may be required depending on the specific job role and may be attended by a member of senior management where required. Don’t worry though, we’re all very friendly!

Job Requirements

About You
You will have:

• Degree Level Qualification  Relevant to IT, Cybersecurity or equivalent experience
• Security Certifications  E.g., AZ-500, SC-200, CISSP, ISO27001 Lead Implementer
• 5+ years in cybersecurity, preferably in cloud-native or regulated industries
• Hands-on experience with M365 security stack, Intune, Purview, and Azure AD
• Practical implementation experience
• Familiarity with certification readiness
• Experience with internal/external audits, risk registers, gap analysis 
• Experience supporting secure SDLC practices, threat modelling, code review engagement
  
  
  
  
  
  
  

Job Responsibilities

You will:

• Provide hands-on security expertise across Microsoft 365 and Azure environments (Azure AD, Intune, Microsoft Defender, Purview, Conditional Access).
• Lead adoption of the NIST Cybersecurity Framework organisation wide.
• Develop, maintain, and monitor a gap analysis and maturity roadmap towards ISO/IEC 27001 certification.
• Participate in internal and external audits, ensuring proper documentation, processes, and controls.
• Engage with development teams to embed secure practices, conduct threat modelling, and support secure code reviews.
• Lead the SecOps working group, overseeing auditing, vulnerability management, and incident response activities.
• Contribute to security risk assessments, due diligence, and technical change reviews.
• Implement and manage security tools, logging platforms, and detection technologies for threat monitoring.
• Develop and maintain security documentation, policies, standards, and procedures.
• Communicate technical risks and controls to both technical and non-technical stakeholders.
• Investigate and report on security breaches; assist with forensics and incident remediation.
• Stay current with emerging threats, vulnerabilities, and best practices, recommending technical responses as needed.
• Lead security awareness initiatives and staff training company-wide.

​
The above is not an exhaustive list of duties, and you will be expected to perform additional or other duties as necessary to meet the needs of the business. 
​

Job Benefits

You'll be joining a company that looks after its people. Twenty7tec is currently ranked as a "Best Technology Company" to work for and holds a Best Companies "Outstanding Company to Work For" official accreditation

• Flexible working location 
• Increase on length of service up to a maximum of 28 days holiday plus bank holidays
• Enhanced Maternity and Paternity Leave
• Pension scheme
• Death In Service Insurance
• Financial coaching and salary advance platform
• Cycle to work scheme
• Learning and development opportunities, including a Udemy for Business Licence
• Wellbeing programme, including access to Mental Health First Aiders
• Health care plan (dependent on length of service)
• Dog-friendly office
• In-person and remote social events throughout the year
• Salary Range - £45,000 - £60,000 GBP