Job Description
Cyber Security Analyst| 12 Months (Outside IR35)| Hybrid (Edinburgh)
Harvey Nash's client is recruiting for a Cyber Security Analyst on a 12 month contract.
Main Responsibilities
* Cyber Security Incident Response - process alerts and incidents through tools and direct user reports, knowing when to escalate, ensuring lessons are learned to minimise re-occurrence where appropriate.
* Cyber Security Detection - configure appropriate alerts and remediation processes including automation where possible to ensure significant volumes of security event data can be manged within the small team
* Cyber Security Training and Awareness - Proactively engage colleagues to develop understanding of good cyber security across the organisation, not limited to overseeing phishing simulations and drafting news articles.
* Cyber Security Threat Intelligence and Hunting - determine valuable intelligence feeds, process reports and use intelligence to proactively seek out configuration and process weaknesses, escalating where necessary.
* Vulnerability and Configuration management - Configure Cyber Security scanning tools to ensure trusted data pertaining to current digital system configuration and vulnerabilities is available, prioritise findings and raise with engineers and or risk mangers where necessary, ensure business priorities are considered and where greatest reduction of risk for invested time will be achieved.
* Access Control Reviews - proactive review access controls to report excessive permissions to digital systems
* Carry out investigation and troubleshoot in conjunction with engineers, developers, and business colleagues
* Proactively highlight potential security improvements
* Provide excellent service in response to all business requirements
* Document procedures and share experience with colleagues.
* Provide recommendations for SecOps processes and automation
Key Skills
* Security products (email filtering, AV, firewalls, WAFs, MS Defender, Sentinel)
* Enterprise Systems (email, PKI, AD, Azure, M365, Intune)
* Azure cloud
* Analytical and troubleshooting skills are essential, including problem solving from first principles
* Significant operational cyber security experience on digital systems on an enterprise scale
* Demonstrable recent record of directly carrying out cyber security activities above
* Ability to self-start, accept ownership and see through change start to finish
* Communicate effectively on technical subject with users
This role falls outside of IR35 and is hybrid working with the expectation to attend the Edinburgh office as and when expected. Please note that for this role you must have or be happy to get a Standard Disclosure Scotland. To apply, please send your CV using the link.