Job specification for the position of: Cyber Security Analyst
Reporting to: Senior IT Governance and Security Manager
Grade: Middle Manager
Dept: IT
Purpose of the role
The cyber security analyst is responsible for the day-to-day tasks which protect the business from cyber threats and attacks.
Based in Watford, at head office, this role gives an opportunity to contribute to Wetherspoon's cyber response and to identify cyber risks, helping IT to protect the company's systems.
Role overview
* working closely with the IT governance and security manager, contributing
to cyber strategy
* administering IT security systems
* identifying, mitigating and escalating IT security incidents
* identifying deviations from IT security standards
* analysing logs and reporting relevant information
* reporting trends and threats in e-mail and web traffic, as appropriate
* analysing security information and producing relevant reports
* administering and evaluating cyber security questionnaires
* co-ordinating and scheduling penetration tests
* managing third-party forensic investigations
* completing cyber security posture-reporting
* supporting excellent cyber security design, with the ability to contribute
to good cyber security practices
In detail, the role will involve
* log-analysing
* security posture-monitoring
* Trellix antivirus-reporting and some EPO management tasks
* secure physical and electronic destruction of sensitive data
* helping the business to protect sensitive information (eg encrypting data)
* educating and awareness through spam-testing; supporting the training teams
with e-learning
* monitoring public and third-party feeds for emerging cyber trends
* performing cyber risk assessments
* co-ordinating cyber security incidents
* defining cyber policies and cyber standards
* assessing third-party suppliers' cyber standards
* keeping abreast of current and emerging threats
Skills required
* understanding log management (at an analysis level only):
Microsoft Windows and AD log structure
network system log, eg Cisco and Checkpoint
Office 365 and Defender security
knowledge of Splunk the SIEM platform
Netwrix security solutions administration, including AD Auditor and Change Tracker
Trellix and SkyHigh reporting and management, including Trellix antivirus-reporting and DLP using EPO
experience of cyber security
quickly analysing data and making decisions on security threats
Salary and benefits
* competitive salary
* 25 days' paid holiday (plus bank holidays) pro rata; head-office bonus scheme; free shares (after 18 months with the company); private medical insurance; contributory pension scheme
HOURS PER WEEK