Job Specification
Cyber Security Analyst
Reporting to: IT Governance and Security Manager
Office based in Watford; five days per week; non-negotiable.
Must have a British passport or ILR (Indefinite leave to remain). No sponsorship available.
Purpose of the role
The cyber security analyst is responsible for the day-to-day tasks which protect the business from cyber threats and attacks. Based in Watford at head office, this role gives an opportunity to contribute to cyber response and to identify cyber risks, helping IT to protect the company’s systems.
Role Overview
* working closely with the IT governance and security manager, contributing to cyber strategy
* administering IT security systems
* identifying, mitigating and escalating IT security incidents
* identifying deviations from IT security standards
* analysing logs and reporting relevant information
* reporting trends and threats in e-mail and web traffic, as appropriate
* analysing security information and producing relevant reports
* administering and evaluating cyber security questionnaires
* co-ordinating and scheduling penetration tests
* managing third-party forensic investigations
* completing cyber security posture-reporting
* supporting excellent cyber security design, with the ability to contribute to good cyber security practices
In Detail, the Role Will Involve
* log-analysing
* security posture-monitoring
* Trellix antivirus-reporting and some EPO management tasks
* secure physical and electronic destruction of sensitive data
* helping the business to protect sensitive information (e.g. encrypting data)
* educating and awareness through spam-testing; supporting the training teams with e-learning
* monitoring public and third-party feeds for emerging cyber trends
* performing cyber risk assessments
* co-ordinating cyber security incidents
* defining cyber policies and cyber standards
* assessing third-party suppliers’ cyber standards
* keeping abreast of current and emerging threats
Skills Required
* understanding log management (at an analysis level only):
o Microsoft Windows and AD log structure
o network system log, e.g. Cisco and Checkpoint
o Office 365 and Defender security
o knowledge of Splunk the SIEM platform
* understanding of systems and integrity:
o Netwrix security solutions administration, including AD Auditor and Change Tracker
o Trellix and SkyHigh reporting and management, including Trellix antivirus-reporting and DLP using EPO
* operational security and incident management:
o experience of cyber security
o quickly analysing data and making decisions on security threats
Salary and Benefits
* competitive salary
* 25 days’ paid holiday (plus bank holidays) pro rata; head-office bonus scheme; free shares (after 18 months with the company); private medical insurance; contributory pension scheme
We are committed to ensuring that all job applicants are treated equally, without discrimination because of gender, sexual orientation, marital or civil partner status, gender reassignment, race, colour, nationality, ethnic or national origin, religion or belief, disability or age.
#J-18808-Ljbffr