Job Overview

Senior Security Analyst

Location: Surrey, England Salary: Negotiable
Type: Permanent Contact: Ben Meoded
Posted: 8 days ago

Cyber Security Tasks:

  • Monitoring of corporate environment to identify security issues or incidents (Threat Hunting)

  • Monitor, Investigate, and perform root cause analysis on Security alerts and Incidents from multiple information sources. Including, but not limited to Darktrace, LogPoint, F-secure, Mimecast.

  • Responsible for managing the business IT vulnerabilities and paths to remediation, through the whole lifecycle to ensure safety and compliance for the company.

  • Investigate and analyse security matters, identify methods and solutions in response to security related queries including the ones, submitted by end users

  • Perform root cause analysis of security incidents and participate in post-incident reviews to provide practical recommendations for improving the organisation's threat detection and incident response capabilities and overall security posture

  • Perform malware analysis and digital forensics where appropriate

  • Stay relevant and current on IT security trends, best practises, and threat landscape (0-day vulnerabilities, etc)

  • Own maintenance, renewal and distribution of SSL Certificates

  • Conducting and reporting Risk Analysis Assessments (Attack Vectors, Cryptography, Confidentiality law)

  • Contribute to planning and development of secure and effective Identity Management both on prem but also on cloud through Microsoft Azure

  • Participate in achieving and maintaining Security related certifications (CE+, PCI, ISO27001, etc)

  • Liaise with 3rd party and vendors on security issues and incident response

  • Contribute to the design & development of security standards, controls, and procedures

  • Develop procedures to maintain security and protect systems from unauthorised use and acts of abuse

  • Identify and promote continual service improvement of all cyber security systems

  • Updating the cyber security risk register

Documentation & Reporting:

  • Assist in development of company-wide best practices for Cyber Security

  • Document all security alerts, incidents and actions taken for both internal and regulatory use

  • Contribute to creation and maintenance of Cyber Security Operations Manual

  • Participate in audits, cyber security exercises and provide supporting documentation

  • Provide cyber security related reporting dashboards for use at different levels within the Society (Regulatory, Board updates, Vulnerabilities, etc)

Key Skills & Experience

  • At least 2 years hands on experience in a similar technical Cyber/IT Security/InfoSec based role (e.g SOC Analyst, Cyber Engineer, SIEM Engineer)

  • Experience with security tool sets (SIEM, EDR, NDR, Packet Capture / Analysis, etc.)

  • Hands on experience of SIEM & FIM monitoring

  • The ability to contextualise, categorise and prioritise security events, incidents, and alerts

  • Knowledge of security framework and standards implementation (NiST, ISO27001, PCI-DSS, etc)

  • Demonstrable passion and enthusiasm for security, including the ability to keep current with the latest threats, technologies, and trends

  • Thorough understanding of adversarial tactics, techniques, and procedures

  • Knowledge of infrastructure, cloud, virtualisation and network concepts and technologies, particularly in a Microsoft-centric environment

Technologies involved:

  • SIEM - Logpoint

  • Automated Intrusion and response - Darktrace

  • AntiVirus / Malware detection - F-secure, Bit Defender

  • Email Filtering & Web Security - Mimecast

  • FIM - Tripwire

  • VMware & VDI Horizon

  • Windows Environment

  • Microsoft Azure & O365

  • AWS

  • WAF

  • Duo Multifactor Authentication

Eames Consulting is acting as an Employment Agency in relation to this vacancy.