Security Analyst
Epsom, KT17
£45,000 - £50,000 plus excellent benefits including personal development training, rising holiday, generous pension, private healthcare
Keywords: IT security, cyber security, risk analysis, SOC analyst, cyber engineer, SIEM engineer, SIEM.
My client is a hugely successful organisation within the financial services sector. They are highly regarded and well-established. They offer a fantastic working environment as well as an excellent benefits package including rising holiday, a generous pension scheme, personal development (training) and private healthcare.
It’s an exciting time to join the organisation as they are growing their IT team and, as such, they are looking for an experienced Security Analyst to join them on a permanent basis, to be responsible for the management of all security-related tools and processes within the organisation.
This role would suit an experienced candidate in a similar, security focussed role (Cyber, IT Security, SOC Analyst, Cyber Engineer, SIEM Engineer etc), who is looking to progress their career in a forward-thinking organisation which heavily rewards its staff.
Security Analyst – Responsibilities:
Cyber Security Tasks:
- Monitoring of corporate environment to identify security issues or incidents (Threat Hunting)
- Monitor, investigate, and perform root cause analysis on security alerts and incidents from multiple information sources, including, but not limited to, Darktrace, LogPoint, F-Secure and Mimecast
- Responsible for managing the business IT vulnerabilities and paths to remediation, through the whole lifecycle to ensure safety and compliance for the Society
- Investigate and analyse security matters, identify methods and solutions in response to security-related queries, including those submitted by end users
- Perform root cause analysis of security incidents and participate in post-incident reviews to provide practical recommendations for improving the organisation's threat detection and incident response capabilities and overall security posture
- Perform malware analysis and digital forensics where appropriate
- Drive internal phishing campaigns (KnowBe4 platform) and work with management and HR – Training to raise Cyber awareness within the corporate environment
- Stay relevant and current on IT security trends, best practices, and threat landscape (0-day vulnerabilities, etc)
- Own maintenance, renewal and distribution of SSL Certificates
- Conducting and reporting Risk Analysis Assessments (Attack Vectors, Cryptography, Confidentiality law)
- Contribute to planning and development of secure and effective Identity Management both on-premises and in the cloud through Microsoft Azure
- Participate in achieving and maintaining Security related certifications (CE+, PCI, ISO27001, etc)
- Liaise with 3rd party and vendors on security issues and incident response
- Contribute to the design & development of security standards, controls, and procedures
- Develop procedures to maintain security and protect systems from unauthorised use and acts of abuse
- Manage the day-to-day operations of the security systems by monitoring system performance, configuration, maintenance, versioning, and repair
- Identify and promote continual service improvement of all cyber security systems
- Updating the cyber security risk register
- Share knowledge with and cross-train other members of the Service Desk & Security team
Security Analyst – Requirements:
- Solid experience in a similar technical Cyber/IT Security/InfoSec based role (e.g., SOC Analyst, Cyber Engineer, SIEM Engineer)
- Experience with security tool sets (SIEM, EDR, NDR, Packet Capture / Analysis, etc.)
- Hands-on experience of SIEM & FIM monitoring
- The ability to contextualise, categorise and prioritise security events, incidents, and alerts
- Knowledge of security framework and standards implementation (NIST, ISO27001, PCI-DSS, etc)
- Demonstrable passion and enthusiasm for security, including the ability to keep current with the latest threats, technologies, and trends
- Thorough understanding of adversarial tactics, techniques, and procedures
- Knowledge of infrastructure, cloud, virtualisation and network concepts and technologies, particularly in a Microsoft-centric environment
- Strong attention to detail with an analytical mindset and the ability to spot and investigate anomalous behaviour
Security Analyst – Technologies and Environment:
SIEM – Logpoint, Automated Intrusion and response – Darktrace, Antivirus / Malware detection – F-Secure, Bitdefender, Email Filtering & Web Security – Mimecast, FIM – Tripwire, VMware & VDI Horizon, Windows Environment, Microsoft Azure & O365, AWS, WAF, Duo Multifactor Authentication
In return, my client offers the chance to play a key role in shaping the IT security within a growing financial services organisation. Sound interesting and something you would love to be part of? Apply today!
Integral Recruitment is acting as an employment agency in regard to this advertisement.