Title:  IT Security Analyst

We’re looking for a proactive and experienced individual ready to take the leap into a IT Security Analyst role.

The Security Analyst will play a critical role in strengthening Aramark UK’s security posture by supporting Cyber Essentials+ and ISO 27001 certification, managing security operations, and embedding a security-first culture across technology and business teams.

The role is hands-on and delivery-focused, supporting gap remediation, audit readiness, supplier assurance, vulnerability management, and incident response across a complex, multi-sector environment.

This role will work closely with UK IT, Global Security, third-party security partners, and auditors to ensure controls are implemented, evidenced, and operating effectively.

This is a permanent full time position, hybrid working with 3 days in our Leeds office (LS16)

Key Benefits: 

• Salary up to £32,500
• Hybrid working 
• Generous annual leave that increases in line with service, with the opportunity to buy extra 
• Life assurance and pension scheme 
• Benefits app: access to 100s of discounts, free mortgage advice, cycle to work scheme, health cash plans, online GP appointments, and our Employee Assistance Programme 
• FOOD! Opportunities to attend in-house events and try the culinary genius of our teams (we are a food business after all!)

Key Responsibilities: 

• Support the design, implementation, and ongoing operation of the Information Security Management System (ISMS) aligned to ISO 27001, including policies, procedures, risk registers, & control evidence
• Maintain and update security documentation, ensuring version control and accessibility as a single source of truth.
• Support delivery of ISO 27001 certification, Cyber Essentials+, PCI DSS compliance, and other regulatory obligations such as UK GDPR.
• Conduct risk assessments, threat modelling, and control effectiveness reviews across applications, infrastructure, and third-party services.
• Assist in the investigation and response to security incidents, ensuring root cause analysis and lessons learned are captured.
• Detail-oriented with strong documentation discipline
• Pragmatic and business-focused approach to security
• Confident communicator able to influence non-technical stakeholders

Key Requirements: 

• 3+ years in an information security, IT risk, or security operations role.
• Experience working in complex, multi-site or regulated environments.
• Comfortable working with auditors, third-party consultants, and senior stakeholders.
• CompTIA Security+, CISSP, CISM or equivalent
• Practical experience supporting ISO 27001 / ISMS environments.
• Knowledge of:
  • Identity & Access Management
  • Endpoint and malware protection
  • Vulnerability management
  • Logging and monitoring
  • Secure configuration and patching
  • General Microsoft O365 security principles

If you are applying for this role and you already work for Aramark, you must notify your line manager before submitting your application.  

At Aramark UK, we are committed to creating a diverse and inclusive workplace where everyone is valued and empowered to thrive. As a proud Disability Confident and Forces Friendly employer, we actively encourage applications from individuals of all abilities and are dedicated to supporting employees with disabilities throughout their career journey.  

We ensure our recruitment process is accessible, and reasonable adjustments are available at every stage, from application to interview and employment. If you require any accommodations or have any questions, please reach out to our recruitment team – careers@aramark.co.uk  

All applications will be treated in the strictest confidence.  

Job reference: (642893)