|Location: Surrey||Salary: £70000.00 - £75000.00 per annum + Benefits + Bonus|
|Sector: IT & Telecoms||Specialism:|
|Type: Permanent||Contact: Gautam Raval|
Senior Security Analyst
Surrey - Hybrid Working
My client is a leading financial services organisation based in Surrey who are recruiting for a Senior Security Analyst.
As a Senior Security Analyst you will have at least 3 years of commercial working experience as a Cyber Security IT Analyst, with experience of security tool sets (SIEM, EDR, NDR, Packet Capture / Analysis) and of SIEM and FIM monitoring.
As a Senior Security Analyst you will provide security input for projects in a Digital Transformation Programme.
Manage Security tooling and processes.
Own vulnerability management through the whole lifecycle from internal and external monitoring and identification to remediation and reporting.
Senior Security Analyst Benefits:
- 22 days holiday + 8 Bank Holidays (holidays increase to 27, 1 additional day per year worked)
- Healthy contributed pension
- Training and development
- Access to a number of financial based products
- Dress down Fridays
As a Senior Security Analyst you will perform the following tasks:
- Provide security input to architecture, high level and low level design documents as part of a digital transformation programme (Identity Security Management, Data Security, Threat models, Network Security, SaaS, IaaS, 3rd party and supply chain security)
- Act as the escalation point on monitoring of corporate environment to identify security issues or incidents (Threat Hunting)
- Mentor and guide the security analyst in monitoring, investigation, and root cause analysis of security alerts and incidents from multiple information sources, including, but not limited to, Darktrace, LogPoint, WithSecure, Mimecast
- Manage the business's IT vulnerabilities through the whole lifecycle and provide the service desk team with paths to remediation, to ensure safety and compliance for the business
- Investigate and analyse escalated security matters, and identify methods and solutions in response to security related queries, including those submitted by end users
- Perform root cause analysis of security incidents and participate in post-incident reviews to provide practical recommendations for improving the organisation's threat detection and incident response capabilities and overall security posture
- Perform malware analysis and digital forensics where appropriate
- Drive internal phishing campaigns (KnowBe4 platform) and work with management and HR - Training to raise Cyber awareness within the corporate environment
- Ensure the business stays relevant and current on IT security trends, best practices, and threat landscape
- Own maintenance, renewal and distribution of SSL Certificates
- Contribute and provide input on Risk Analysis Assessments
- Participate in achieving and maintaining Security related certifications (CE+, PCI, etc)
- Contribute to the design & development of security standards, controls, and procedures
- Ensure readiness, appropriate versioning and health of the security systems used in day-to-day security operations
- Identify and promote continual service improvement of all cyber security systems and procedures
- Share knowledge with and cross-train other members of the Service Desk & Security team
Senior Security Analyst Essential Skills:
- At least 3 years' experience in a similar Cyber/IT Security/InfoSec based role
- Experience of Cyber Security input on Projects (Design, High Level, Low Level)
- Experience with security tool sets (SIEM, FIM, EDR, NDR)
- The ability to contextualise, categorise and prioritise security events, incidents, and alerts
- Knowledge of security framework and standards implementation (NIST, ISO27001, PCI-DSS, etc)
- Demonstrable passion and enthusiasm for security, including the ability to keep current with the latest threats, technologies, and trends
- Thorough understanding of adversarial tactics, techniques, and procedures
- Knowledge of infrastructure, cloud, virtualisation and network concepts and technologies, particularly in a Microsoft-centric environment
- Strong attention to detail with an analytical mindset and the ability to spot and investigate anomalous behaviour
IT Security Technologies involved:
- SIEM - Logpoint
- Automated Intrusion and response - Darktrace
- AntiVirus / Malware detection - F-Secure, Bitdefender
- Email Filtering & Web Security - Mimecast
- FIM - Tripwire
- VMware & VDI Horizon
- Windows Environment
- Microsoft Azure & O365
- Duo Multifactor Authentication
Services advertised by Gold Group are those of an Agency and/or an Employment Business.