Cyber Security Analyst
A fantastic opportunity to join a global professional services firm in their UK Central London HQ. To ensure risk based, cost effective, IT security controls are implemented and maintained to reduce the likelihood, and time to detect breaches, whilst ensuring our ability to respond to breaches remains effective. Within this role, you will assume operational responsibility for the effectiveness of Cyber Security technologies and additionally recommend/implement areas of improvement to address IT Security risks. You will also be responsible for responding to requests from Partners, colleagues, external clients and auditors about the IT security controls and framework.
Responsibilities
- Manage, monitor and update the Cyber Security platforms * Provide recommendations for improvements across each of the Cyber security platforms * Assist with coordinating the implementation of secure technology controls based on business risk across all areas of IT infrastructure/services * Assist with coordinating and undertake implementation of procedures to ensure security controls are considered in operational tasks, project delivery and IT governance processes. * Ensure timely and effective management of security incidents and events, identifying root cause and follow up actions to avoid recurrence * To follow a risk assessment methodology and identify preventive and corrective actions * To ensure that all risk treatment actions are being progressed in timely and effective manner * Support the IT in a coordinated programme of activity that maintains ISO 27001 and Cyber Essentials compliance * To assist with monitoring compliance with information security policies and procedures among employees, contractors, partners, and other third parties and ensure appropriate action is taken where risk exists * To create high quality supporting documentation of the cyber security controls and platforms in place and assist in tracking any agreed exceptions * Motivate and foster creativity, communication and team working * To analyze and identify trends from incidents, audit findings and any other applicable sources * To assist in the creation of timely, regular, high quality reports for all levels of the business to give assurance of the effective management of information security in IT systems * Subject matter expert for all Cyber security platforms, engaging with relevant 3rd party Technology partners where required
Requirements
| * Security qualification (SSCP, CCSP, CEH, GCWN, GISF) is desired * Demonstrable knowledge/certifications in relation to Active Directory, Web Filtering Proxy, Anti-Virus technology, Email filtering technology, MFA technologies and O365 and general Microsoft Windows administration * Sound understanding of Identify and Access Management (IAM) principles and least privilege models * Understanding of ITIL framework * Motivated to establish and eradicate the root cause, not treat symptoms. * A broad knowledge of the development life cycle * Proven experience in information security concepts, practices and processes * Proven technical knowledge on evaluating/initiating appropriate technological solutions to meet information security policies * Proven knowledge of related functions including risk management, compliance, auditing, internal controls and general security * Sound understanding of potential security issues * Keen interest in keeping abreast of current and emerging security/risk technologies and vulnerabilities * Proven technical knowledge of Microsoft architecture * Ability to prioritize and action both operational and project demands relating to Information Security. * Excellent knowledge of ISO27001 is essential |