Aggressive fin-tech company, global client base, Remote working?
IT Security Analyst
£40,000 + (D.O.E)
An award winning, world leader in Adaptive technology in their respective field have an urgent need to bring in a Security analyst to join an ever-growing internal security function.
They're more than just a tech company, their biggest asset is that their people are exceptionally talented and dedicated to fighting fraud and protecting the customers from risk.
In your role as IT Security Analyst you will help the business to achieve their goals and deliver success on behalf of the customers by the day-to-day operation of the in-place security solutions designed to protect our networks, computers, programs and data from compromise, damage and unauthorised access. You will be responsible for the identification, investigation, and resolution of security exceptions detected by those solutions. The role will require an analysis of issues, you’ll work closely with the IT team and other business stakeholders to understand key concepts in these technologies to inform your analysis. You will be required to articulate the results of your analysis to others in order to inform improvements to processes, policy and systems.
* Strong knowledge of log collection, analysis and correlation processes
* Research/evaluate emerging security threats and ways to mitigate them
* Monitor and respond to
o security alerts and provide incident response
o monitor identity and access management, including monitoring for abuse of permissions by authorised system users
o Intrusions and unusual, unauthorised or illegal activity
o 'phishing' attempts and activity
* Keep up to date with the latest security and technology developments
* Use analytic tools to determine emerging threat patterns and vulnerabilities
* Generate reports for both technical and non-technical staff and stakeholders
* Maintain an information security risk register and assist with internal and external audits relating to information security
* Conduct security risk assessments, business impact analysis and recommend appropriate control improvements.
* Ensure all processes and controls that fall within your area of responsibility are operating effectively and are correctly evidenced as working.
* Assist with the creation, maintenance and delivery of Cyber security awareness training for colleagues.
Commercial experience with some of the following are a must:
- SIEM – Security information and event management
- IAM – Identity and access management
- DLP – Data loss prevention
- VA – Vulnerability assessment and mitigation
- High level understanding of a broad technology areas, including SaaS, IaaS, networks, firewalls, storage and virtualisation.
- Experience with managing penetration testing engagements
Great to haves:
- Experience and/or understanding of AWS security.
- Experience of Windows and Linux systems administration
- Use of automation tools such as Ansible, Chef or Puppet
- Experience working in an ISO27001/2, PC-DSS or SOC 2 environment.
For more information call Andy on 01223 237888 or drop your CV across to email@example.com