Skills

Communication Incident Response Monitoring Decision-making Research Autonomy

Job Specifications

Application Deadline: 23 February 2026

Department: IT

Location: London

Description

The Information Security Analyst is a key member of the Information Security team, responsible for cyber and information security across the business.

The role is operationally focused, with responsibility for maintaining the organisation’s security baseline while supporting audit, assurance, and advisory activities. The scope is broad and hands-on, providing exposure to a wide range of security controls, technologies, and business processes.

The Information Security Analyst operates in a dynamic operational environment where priorities can change quickly. Work frequently involves handling interruptions to respond to incidents and balancing multiple competing demands. While the role is demanding, it is achievable with the right approach and provides strong opportunity to develop operational judgement and security fundamentals.

Analysts are supported through regular team engagement, documented processes, and access to senior team members. In return, the role expects initiative, sound judgement, and the ability to carry out initial investigation and analysis before seeking review or escalation.

The role reports directly to the Head of Cyber and Information Security.

Key Responsibilities

Security Operations & Incident Response

This area of the role provides direct exposure to live security events and operational decision-making, forming a core part of the organisation’s defensive capability.

Act as the first point of review for security alerts, performing triage to distinguish genuine security incidents from false positives or low-risk events.
Investigate security events, gather context, and escalate or resolve where appropriate with clear analysis and recommended actions.
Support incident response activities, recognising that incidents override planned BAU and project work.
Maintain calm, structured decision-making under pressure and document actions and outcomes clearly.

Security Baseline Monitoring & Maintenance

This area of the role is responsible for maintaining the organisation’s day-to-day security baseline, ensuring that security controls remain effective, monitored, and understood across the environment.

Operate and monitor key security controls that underpin the organisation’s security baseline.
Analyse security control outputs to assess risk and control effectiveness.
Track and coordinate corrective actions with technology teams, escalating where control weaknesses persist.
Support audit and assurance activities by providing operational evidence and control status.

Security Assurance & Advisory

This area of the role provides exposure to how security risk is assessed and managed across IT and the wider business, supporting informed decision-making without unnecessary friction.

Conduct defined elements of, and support, security assessments of internal applications, third parties, and business initiatives.
Provide pragmatic security guidance to teams across IT and the wider business (with support from senior team members where appropriate), enabling delivery.
Support audit and assurance activities in line with team priorities.

Operational Discipline & Ownership

This area of the role underpins the team’s ability to operate with autonomy and trust, ensuring security work is visible, traceable, and completed to a professional standard.

Maintain accurate, high-quality ticket handling and documentation across operational and task-planning tools, including clear status updates and next actions.
Progress work to a review-ready standard before escalation.
Own assigned issues end-to-end, ensuring clear communication and closure with minimal day-to-day oversight.

Working Environment & Support

This area of the role describes how the team operates day to day, balancing a demanding operational environment with structured support, collaboration, and opportunities to develop judgement and confidence. The role involves frequent interruption and competing priorities, as security alert triage takes precedence over most tasks.

The role operates within standard UK business hours. Flexibility is expected to respond to incidents or priority issues when required; however, this is not a shift-based or continuously on-call role.
The role is primarily remote but does require occasional travel to head office in Central London and other sites as needed. The candidate must be based within a reasonable travel distance to Central London to support this.
Formal support includes daily team stand-ups and scheduled one-to-one sessions, providing regular opportunity for guidance, review, and development.
Informal support is readily available; however, analysts are expected to consult internal documentation, perform initial research and analysis, and escalate with context specific information and proposed next steps.

Skills, Knowledge & Expertise

These requirements reflect the baseline experience and capability needed to operate ef

About the Company

Established in 1997, Mountain Warehouse has grown rapidly to become the largest Outdoor Retailer in the UK, with 400+ stores worldwide and strong online sales both in the UK and Internationally. To keep us on the cutting edge of the outdoor world we are always on the lookout for talented, enthusiastic people from all walks of life who love to be part of a fast paced team. If you embrace hard work, love change and strive to always make things bigger and better then come join us. We have a vibrant, busy office full of great ... Know more