- Company Name
- EMEA resourcing
- Job Title
- Security Analyst
- Job Description
-
Security Analyst
Skills:
One or more (NOT ALL OF THEM ONLY ONE) of the following certifications (CompTIA Security+ CompTIA Cybersecurity Analyst (CySA), GIAC Information Security Fundamentals.
Microsoft Certified Systems Administrator: Security (Qualified or working towards certification)
Associate of (ISC)2
Extensive experience with Infrastructure Administration.
Experience with Build/configuration guidelines for Hardening of Systems.
Working technical knowledge of Operational Security Procedures.
Strong understanding of IP, TCP/IP, and other network administration protocols.
Experience with of IPSec, SSL technologies.
Familiarity with ISO 27001 Cyber Security Essentials, Gov functional standards 005,007.
Familiar with working practice and guidelines of NCSC, CAF, GovAssure, for good principles in information security.
Main Aims:
Uphold the Company Corporate Technology security standards as established in policies, procedures, and guidelines, while continuously analysing and acting upon findings to reduce cybersecurity risks to the Company.
Manage day-to-day operations of the in-place security solutions.
Identify, investigate and swiftly remediate security breaches detected by those systems, and security incidents reported to the IT service desk.
Implement new security solutions, participating in the creation and or maintenance of policies, standards, baselines, guidelines, and procedures as well as conducting vulnerability audits and assessments.
Use a blend of structured and flexible best practices for providing excellent technology services that meets users' needs, including the ITIL framework, working collaboratively with our teams from across the T&DT department.
Key Responsibilities:
Strategy & Planning:
Participate in the planning and design of Company Corporate Technology security architecture, under the direction of the Corporate Technology Head of Infrastructure & Security, where appropriate.
Participate in the creation of Company Corporate Technology security documents (policies, standards, baselines, guidelines, and procedures) under the direction of the Corporate Technology Head of Infrastructure & Security, where appropriate.
Participate in the planning and design of Corporate Technology business continuity plan and disaster recovery plan, under the direction of the Corporate Technology Head of Infrastructure & Security, where appropriate.
Acquisition & Deployment:
Maintain up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes, and the development of new attacks and threat vectors.
Recommend additional security solutions or enhancements to existing security solutions to improve overall Company Corporate Technology security.
Perform the deployment, integration, and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures.
Operational Management
Maintain up-to-date baselines for the secure configuration and operations of all in-place devices, whether they be under direct control (ie, security tools) or not (eg, workstations, Servers, network devices).
Deploy, manage, and maintain all security systems and their corresponding or associated software, including Firewalls, intrusion detection systems, malware/anti-virus software, and so on.
Maintain operational configurations of all in-place security solutions as per the established baselines.
Monitor all in-place security solutions for efficient and appropriate operations.
Review logs and reports of all in-place devices, whether they be under direct control (ie, security tools) or not (eg, workstations, Servers, network devices). Interpret the implications of that activity and devise plans for appropriate resolution.
Participate in investigations into problematic activity.
Participate in vulnerability assessments, penetration tests, and security audits, and undertake remediation tasks as directed by Corporate Technology Head of Infrastructure & Security.
Provide support via the IT Service Desk to end users for all in-place security solutions.
Provide Training to the Corporate Technology Team on Company Corporate Technology Security Solutions.
Provide Security Build guidelines for Endpoints, Servers, and Network Devices to ensure only applicable services are configured.
Work close with Corporate Technology teams to ensure security and Vendor security guidelines are adhered to.
Skills & Approach
Proven analytical and problem-solving abilities, with the ability to effectively prioritise and execute tasks in a high-pressure environment.
Good communication skills, written and oral, with the ability to present ideas in business-friendly and user-friendly language.
Ability to conduct research into IT security issues and products as required.
Highly self-motivated and directed with keen attention to detail.
Team-oriented and skilled in working within a collaborative environment.
The aptitude to carry out all activities supporting and championing our culture drivers.
Good organisational skills with the ability to prioritise and to manage and meet deadlines.
A commitment to continual professional development.
Working Conditions: 2/3 days on site City London, 2/3days remote (per week)
Working for a well established organization
Flexible start date (ie immediate to 3 months notice)
(If this position do not fit within your experience or is of no interest to you we offer a recommendation fee for any consultant you refer we successfully make a placement with).
