Job Description
About the Role:
Working as part of the Security Incident Response Team the Security Analyst will be responsible for responding to and investigating events generated by our security controls. You will ensure that Security Incidents are promptly identified, contained and eradicated, working closely with IT, our security partners and the wider business to do so.
The successful candidate will be monitoring our SIEM and other security controls to identify potential threats and then use all of the controls and resources at their disposal to determine what steps need to be taken to contain and eradicate confirmed threats. Where necessary you will ensure that any forensic evidence is correctly captured and stored in case it is required for future reference. Following an incident you will work with other teams involved to identify opportunities to improve our controls and processes, making recommendations for addressing any lessons learned and implement where appropriate.
The role involves participating in a shift and call out rota to help ensure our environment is monitored and supported on a 24x7 basis.
Key Responsibilities
* Continuously monitor Next's technical security controls in order to promptly identify and investigate potential threats.
* Respond to Security Incidents ensuring prompt containment and recovery.
* Carry out forensic investigations following security incidents.
* Ensure all investigations and incidents are accurately logged and managed in our ITSM tool.
* Participate in lessons learned meetings and make recommendations for improvements to controls or processes ensuring these are implemented where agreed.
* Liaise with other IT Teams, business areas and 3rd Parties to aid in incident investigations and response.
* Ensure continuous awareness of new and emerging threats and understand the TTPs and their relevance to the Next environment.
* Identify false positives and tuning requirements for security controls and work with the Security Engineering team to implement improvements.
* Work with our Security Engineering and Vulnerability & Threat Management Team to test our controls and processes in order to proactively identify opportunities for improvement.
* Maintain operational procedures and technical documentation.
* Manage and maintain metrics and reporting to ensure the security threats and trends impacting our business are understood.
About you:
Essential
* Proven Information Technology experience with a good understanding of network protocols and server infrastructure.
* Windows Server and/or Linux experience.
* Strong analytical and troubleshooting skills.
* Understanding of Information Security including malware, emerging threats, attacks, and vulnerability management.
* A team player who is hardworking and self-motivated.
* Excellent attention to detail.
* Ability to remain calm under pressure and clearly communicate to all levels of management.
Desirable
* Relevant industry recognised security qualification (i.e CySA+, Security+).
* Experience with security or compliance standards such as PCI-DSS or ISO27001.
* Understanding and experience of working for a Retail company.
* Experience with Regex, Scripting
* Experience working in a Security Operations Centre.
* Experience working in an Infrastructure or Network Operations Centre
* Experience installing, configuring and maintaining common security tools such as EDR, IDS/IPS, SIEM, SOAR
* Digital Forensics experience.
About Us
You know Next, but did you know we're a FTSE-100 retail company employing over 35,000 people across the UK and Ireland. We're the UK's 2nd largest fashion retailer and for Kidswear we're the market leader. At the last count we have over 500 stores, plus the Next Online and it's now possible to buy on-line from over 70 countries around the world So we've gone global
About The Team
* 25% off most NEXT, MADE*, Lipsy*, Gap* and Victoria's Secret* products (*when purchased through NEXT)
* Company performance based bonus
* Sharesave scheme
* On-site Nursery available; OFSTED outstanding in all areas
* 10% off most partner brands & up to 15% off Branded Beauty
* Early VIP access to sale stock
* Access to fantastic discounts at our Staff Shops
* Restaurants with great food at amazing prices
* Access a digital GP and other free health and wellbeing services
* Free on-site parking
* Financial Wellbeing - Save, track and enhance your financial wellbeing
* Apprenticeship - Grow and develop on the job whilst gaining a qualification
* Direct to Work - Discount online and instore, collect your items the next day for free from your place of work or local store
* Support Networks - Access to Network Groups to empower and celebrate each other
* Wellhub - Discounted flexible monthly gym memberships, with apps, PT sessions and more
Conditions apply to all benefits. These benefits are discretionary and subject to change.
We aim to support all candidates during the application process and are happy to provide workplace adjustments when necessary. Should you need support with your application due to a disability or long-term condition, feel free to get in touch with us by email (please include 'Workplace Adjustments' in the subject line), or call us on and leave a voicemail.