Job Title: Security Analyst

Location: Epsom (Hybrid model, 2 days in office, 3 days WFH)

Reports to: Head of Service Desk & Security

Principal Task: Management of all Security related tools and processes. Ownership of vulnerability management through the whole lifecycle from internal and external monitoring and identification to remediation and reporting.

Key Skills & Experience

• At least 2 years hands on experience in a similar technical Cyber/IT Security/InfoSec based role (e.g SOC Analyst, Cyber Engineer, SIEM Engineer)
• Experience with security tool sets (SIEM, EDR, NDR, Packet Capture / Analysis, etc.)
• Hands on experience of SIEM & FIM monitoring
• The ability to contextualise, categorise and prioritise security events, incidents, and alerts
• Knowledge of security framework and standards implementation (NiST, ISO27001, PCI-DSS, etc)
• Demonstrable passion and enthusiasm for security, including the ability to keep current with the latest threats, technologies, and trends
• Thorough understanding of adversarial tactics, techniques, and procedures
• Knowledge of infrastructure, cloud, virtualisation and network concepts and technologies, particularly in a Microsoft-centric environment
• Strong attention to detail with an analytical mindset and the ability to spot and investigate anomalous behaviour

Cyber Security Tasks:

• Monitoring of corporate environment to identify security issues or incidents (Threat Hunting)
• Monitor, Investigate, and perform root cause analysis on Security alerts and Incidents from multiple information sources. Including, but not limited to Darktrace, LogPoint, F-secure, Mimecast.
• Investigate and analyse security matters, identify methods and solutions in response to security related queries including the ones, submitted by end users
• Perform root cause analysis of security incidents and participate in post-incident reviews to provide practical recommendations for improving the organisation's threat detection and incident response capabilities and overall security posture
• Perform malware analysis and digital forensics where appropriate
• Drive internal phishing campaigns (KnowBe4 platform) and work with management and HR - Training to raise Cyber awareness within the corporate environment
• Stay relevant and current on IT security trends, best practises, and threat landscape (0-day vulnerabilities, etc)
• Own maintenance, renewal and distribution of SSL Certificates
• Conducting and reporting Risk Analysis Assessments (Attack Vectors, Cryptography, Confidentiality law)
• Contribute to planning and development of secure and effective Identity Management both on prem but also on cloud through Microsoft Azure
• Participate in achieving and maintaining Security related certifications (CE+, PCI, ISO27001, etc)
• Liaise with 3^rd party and vendors on security issues and incident response
• Contribute to the design & development of security standards, controls, and procedures
• Develop procedures to maintain security and protect systems from unauthorised use and acts of abuse
• Manage the day-to-day operations of the security systems by monitoring system performance, configuration, maintenance, versioning, and repair
• Identify and promote continual service improvement of all cyber security systems
• Updating the cyber security risk register

Documentation & Reporting:

• Assist in development of company-wide best practices for Cyber Security
• Document all security alerts, incidents and actions taken for both internal and regulatory use
• Contribute to creation and maintenance of Cyber Security Operations Manual
• Participate in audits, cyber security exercises and provide supporting documentation
• Provide cyber security related reporting dashboards for use at different levels within the Society (Regulatory, Board updates, Vulnerabilities, etc)

Technologies involved:

• SIEM - Logpoint
• Automated Intrusion and response - Darktrace
• AntiVirus / Malware detection - F-secure, Bit Defender
• Email Filtering & Web Security - Mimecast
• FIM - Tripwire
• VMware & VDI Horizon
• Windows Environment
• Microsoft Azure & O365
• AWS
• WAF
• Duo Multifactor Authentication

To be considered for this role, contact Lucie McGuire