Senior Cyber Security Analyst
Reporting to the Head of Cyber Security as a Senior Cyber Security Analyst, you will be part of a team of Information Security specialists, where you will help define the technology, policies and practices used to protect the organisation and its clients.
You are highly motivated, with strong technical acumen in security operations. You will work in collaboration with a team of IT operations specialists, including DBAs, System and Network administrators, and Solution Owners, to identify and quickly remediate any security-related incidents, vulnerabilities or other concerns that may impact the business.
You must be able to work in a fast-paced, agile environment with short timelines for deliverables. Whilst it is recognised that not all security measures are impenetrable, you will be measured on your ability to quickly identify, respond to and contain security threats.
Key responsibilities include, but are not limited to:
- Operate and monitor Intrusion Detection Systems (IDS), Security Incident and Event Management (SIEM), anti-malware and other cyber-security tools, logs and technologies, enabling rapid detection and response to malicious activities
- Recognise and respond to cyber-attacks and threats based on in-depth, proactive analysis of monitoring, network, application and system event data to identify potentially abnormal or anomalous system behaviour
- Perform network- and host-based forensic analysis during incident response activities
- Conduct infrastructure and web application penetration tests and vulnerability assessments as part of the organisation’s proactive security programme
- Develop secure operating system and network device configuration standards
- Evaluate and utilise intelligence regarding new threats and vulnerabilities to ensure protective monitoring is capable of detecting potential new attacks (e.g. through custom network (IDS), host-based (EDR) or SIEM rules)
- Research and maintain a proficiency in current and emerging threats, vulnerabilities and security technology developments
- Create reports on cyber-security threats, attacks, incidents, and other indicators of cyber-security issues
- Assess the organisation’s exposure to existing and new vulnerabilities and develop detection / mitigation strategy
Technical knowledge and experience:
The successful candidate must possess a strong understanding of the following:
- Familiarity with IDS, SIEM, anti-malware and cyber-security technologies, including tuning, where appropriate
- Demonstrable understanding of network traffic analysis techniques and ability to correlate multiple cyber-security event sources to provide a complete analysis of an intrusion and recommend mitigation
- Familiarity with the tools and techniques used by both ethical and malicious hackers, e.g. vulnerability scanners, exploit frameworks, etc.
- Detailed understanding of TCP/IP, Internet protocols, networking principles, and OS concepts and technologies
- Knowledge of multiple operating systems and networking technologies, including hardening methodologies
- Security operations and/or CSIRT experience
- Offensive Cyber Security Practices and Penetration Testing
- Programming / scripting skills in Python and PowerShell
- Excellent communication skills to be able to work with individuals at all levels of the organisation and with third-party vendors
- Must be an intelligent, articulate, consensus-building individual who can serve as an effective member of the Cyber Security team and effectively communicate technical concepts
- Ability to work and communicate effectively, and willingness to travel to overseas offices, as required
- Must demonstrate the ability to maintain strict confidentiality of the company’s internal and personnel affairs
- Ability to manage multiple concurrent objectives or activities, and effectively make judgments in prioritisation and time allocation in a high-pressure, ever-changing environment
- Ability to support technical and procedural transformation and adapt to a rapidly changing environment
- Highly self-motivated and directed, able to harness different skills and experience, and enjoys a strong sense of team spirit
- Excellent verbal communication and documentation/technical writing skills
- Must demonstrate professionalism and maturity when working with internal business functions, peers, senior management, and vendors
- Detail-oriented with strong organisational and analytical skills
Non-essential but desirable:
- Strong technical experience within Cyber Security, ideally with an operations or transformation focus
- Relevant experience in Security operations / CSIRT in a lead role is essential
- Degree in Computer Science or equivalent working experience preferred
- Relevant Cyber Security Certifications (GCFA, GCFE, GPEN, GCIH)