This is a great role working for a high profile brand that requires a Cyber Security Operations Analyst to be accountable for the definition and development of security tools that operate and are monitored within the Security Operations Centre (SOC) to identify and detect security threats, coordinating an effective response and recovery.
Working with partners the Cyber Security Operations Analyst is accountable for coordinating an effective response and rapid recovery to detected security incidents and threats, minimising security incidents and potential impact, allowing the business to maintain availability.
Accountable for effective governance that ensure policies and standards based on recognised best practice frameworks enable the delivery of best-in-class security operations.
The role offers hybrid working with a bonus scheme, flexi benefits and much more.
What the role will be doing:
- Incident Response - Lead or support the technical response to cyber security incidents in collaboration with partners and stakeholders
- Contribute to the development and improvement of security tools, technologies, and services used by the Security operations Centre and our partners to protect the company
- Work closely with the Security Operations Centre to provide operational support and improve and mature use cases and playbooks
- Assess threat intelligence and where necessary coordinate with partners to ensure appropriate remediation or mitigation activities are carried out
- Conduct reactive and proactive threat hunting, and contribute to the development of an intelligence-led framework, to protect the company against emerging and known threats
- Contribute to post incident reviews to identify lessons learnt considering people, process, and tools to identify improvements and control enhancements to better detect, protect, respond to and recovery from a future cyber security incident
- Co-ordinate with partners to ensure vulnerability scanning and assessments are carried out, reported and appropriate remediation or mitigation activities are carried out
- Proactive monitoring of various security tools and technologies. Participate and contribute to cyber incident response exercises
- Experience working within cyber security operations and have practical experience of working in a security incident response team and leading the technical response to cyber security incidents
- Experience working with cyber security tools and technologies, including endpoint security, email security, network security, SIEM, SOAR, vulnerability scanning, and IDS/IPS
- Strong working knowledge and understanding of vulnerability management, threat intelligence and threat hunting
- Security qualifications such as Security+, CEH, GSEC, CISSP are desirable
- Understanding of cyber security standards and frameworks; ISO27001, NIST, SANS and OWASP
- Up-to-date knowledge of current exploits, vulnerabilities, threats, and security analysis techniques
- Knowledge of TCP/IP, network protocols, OSI model, routing and switching and packet analysis tools
- Understanding of various operating systems, including Windows and Unix
- Working knowledge of one or more SIEM solutions
- Experience of improving the maturity level of security controls in line with industry best practice and standards
For finer details on the role please contact Amanda Cager - Amanda.firstname.lastname@example.org - 07796 302988
Project People is acting as an Employment Agency in relation to this vacancy.