IT Security Analyst
Job description
We are currently recruiting for an IT Security Analyst to work with internal security tools and an outsourced SOC to investigate security alerts and perform incident response duties across end user devices, IaaS environments and physical infrastructure.
As the IT Security Analyst you will ensure that the security measures and software protecting systems are operational and effective, identify potential configuration weaknesses and vulnerabilities, and work with IT colleagues to implement remediation measures in line with IT operational procedures.
You will work with the IT Security Manager to help assess proposed changes to controls against best practice and organisational risk appetite, and provide a point of contact for end-user and IT enquiries relating to IT Security matters.
In this role you will be able to work towards becoming a Microsoft Certified Security Operations Analyst Associate.
Responsibilities:
- Be responsible for managing all cyber security incidents raised by the Service Desk, SOC, or any security tools and ensuring all incident information is captured.
- Produce risk assessments for any ongoing threats or vulnerabilities which may exist post-incident.
- Monitor security tools for effectiveness and suggest any remedial action necessary to maintain their effectiveness.
- Maintain visibility of monthly security patching and ensure any exceptions are captured.
- Ensure new assets are accurately captured in monthly scans and maintain applicable security services information in the designated repository.
- Create and maintain information security operational runbooks.
- Take part in security testing and liaise with other IT teams for resources where required.
- Assist with the production and maintenance of IT Security policies, processes and procedures.
Skills:
Essential:
- Previous experience in Cyber Security incident response, or similar IT background.
- In-depth knowledge of networking and network security technologies such as Firewalls, IDS/IPS, Proxies, Content & Email Filtering, Application security, SIEM and Log monitoring/management.
- Good knowledge of Microsoft’s suite of cloud technologies and security tools.
- Good knowledge of Security & Governance best practice.
- Understanding of compliance requirements such as ISO27001.
- Able to work under own initiative, with minimal supervision.
- Strong relationship management with technical teams.
- Experience with using vulnerability assessment tools.
- Ability to solve security-related technical problems and implement innovative solutions.
- Manage root cause analysis reviews, ensuring improvement plans are documented and managed through to completion.
- Able to review output from security tools to build an analytical picture of a security incident.
- Excellent analytical skills; the ability to view a problem from different angles.
- Proven ability to provide technical advice, leadership, and direction to more junior IT Staff.
- Strong in risk and issue management to enable IT security and other IT teams to work symbiotically.
- Apply a continuous improvement process, learning from completed work how to improve efficiency and the value of the IT security function.
- Able to build effective relationships and manage internal and external stakeholders.
Desirable:
- Understanding of compliance requirements such as ISO27001.
- Experience with using and integrating vulnerability assessment tools in a cloud environment.
- Microsoft Cloud Security qualification.
If you feel you have the skills and experience required for this role, please apply now.