Information Security Analyst

SUMMARY

Reporting to the Information Security Operations Manager, the Information Security Analyst undertakes the day-to-day operations of the existing security solutions, and uses these tools to identify, investigate and resolve security events detected by those systems. Additional responsibilities involve supporting the implementation of new security solutions, participation in the creation / maintenance of policies, standards, baselines, guidelines and procedures. In addition, you will organise and conduct vulnerability audits and assessments.

The Information Security Analyst will be fully aware of companies security objectives, have a thorough understanding of the threat landscape, and will work with a global team to mitigate threats and maintain best-in-class security.

Principal Duties

• Assist with the management and operation of security controls.
• Help in streamlining and automating of security controls in order to improve overall security posture of the organisation.
• To take the lead on security incidents, identification, and remediation.
• Support operational transition for the deployment, integration and configuration of new security solutions and of any enhancements to existing security solutions.
• Monitor all in-place security solutions for efficient and appropriate operations.
• Conduct security focused reviews and analysis of log files and reports of devices, systems and network traffic (i.e., workstations, servers, network devices). Interpret results and resolve issues identified.
• Investigate security alerts and provide incident response if and when required, working with global team to help mitigate and resolve incidents.
• Support and contribute to red/blue team testing and cyber threat based table top exercises.
• Develop maintain and implement system hardening procedures.
• Maintain up-to-date detailed knowledge of the IT Security industry, including the development of new attacks and threat vectors.
• Provide a point of escalation for the Service Desk, IT and Business support teams with respect to security-related events.

Experience/Technical Skills

• At least 3-5 years' experience operating in a hands-on IT Security capacity.
• Strong IT Security Analytic skills with Cyber Threat awareness and experience.
• Good working knowledge of adversary tactics and techniques. E.g. MITRE ATT&CK.
• Proven experience working with Security Operations (SIEM) and responding to security alerts. Developing and refining use cases.
• Excellent understanding of implementing, managing, interrogating and reporting of security controls.
• Strong knowledge of vulnerability management and scanning tools.
• Good networking knowledge, firewalls, routing & switch, OSI model and associated protocols (TCPIP).
• Good operating system knowledge (Windows, Linux and Unix)
• Scripting and programming experience most beneficial.
• Knowledge and experience of M365 and Azure (Defender) cloud security.
• Proven knowledge of technologies such as EDR, NDR, IDS and IPS tools, WAF, Web Proxies, Email Security, Deception, SIEM and SOAR solutions.
• Knowledge of implementation and maintenance of PKI and HSM infrastructure very beneficial.
• Desirable experience of designing and implementing security solutions/controls for on-premises and cloud environments.
• Knowledge of security best practices and frameworks ISO27001, Cyber Essentials+, CIS CSC20, NIST, ISF, OWASP etc.
• Security-focused industry certifications or third level degree is desirable such as CISSP, CISM, CompTIA, CCSP, CEH, SANS (GNFA / GCIH / GMON / GCCC / GCSA), SC-200, AZ-500 etc.

Carbon60, Lorien & SRG - The Impellam Group STEM Portfolio are acting as an Employment Business in relation to this vacancy.