Technical Security Analyst

Accountabilities:
• Evaluate the effectiveness and coverage of security products and tooling to continuously monitor and protect company assets
• Identification, mitigation, and management of security risks, threats and vulnerabilities
• Monitor and review the security operation centre
• Assess and respond to external threat intelligence reports
• Conducting IT audits and security assessment throughout the business against agreed Information Security policies and standards
• Support ISO27001, PCI DSS and other internal and external audit programmes
• Providing support and guidance within IT and the Wider Business to ensure compliance with security policy and standards
• Support the continuous improvement of security policies, procedures, standards and guidelines
• Implement and improve technical processes to create efficient and secure methodologies
• Support the management and investigation of security events including post incident reviews in conjunction with other security teams
• develop awareness materials to ensure continuous improvements to the security culture for the organisation
• Research security enhancements and make recommendations
• Stay current on information technology trends and security standards

PERSONAL PROFILE:
Qualifications and Training
• Recognised IT or Information Security qualifications including Cisco, SANS, ISO27001, CCSP, CISA, or SSCP (desirable)
• CEH (desirable)
• Relevant degree qualification desirable but not essential.
 

Knowledge and Technical Ability
• You will have experience in a similar technical IT Security role involving a broad range of tech including some of the following:
o knowledge & understanding of security principles surrounding SIEM, Antivirus, DLP, Firewalls, Open Source Filtering tools, Cloud security (Azure), IdAM (PAM on-prem/cloud), EDR, Scanning/vulnerability tools, etc.
o Windows Server & Networking
o Incident response
o Endpoint and network security technologies
• Awareness of IT Security and Governance best practices
• Strong understanding of technical security risk, threat, and vulnerability management principles
• Knowledge of international security standards and frameworks (ISO27001, PCI-DSS, NIST)
• Ability to drive own workload identifying risks and requirements working flexibly where required
 

Skills and Behaviours
• Someone intuitive and self-motivating
• Likes to problem solve by researching and investigating better ways of operating utilising the people, processes, and technologies
• Excellent verbal and written communications skills
• Excellent inter-personal skills
• Ability to work accurately and at pace commensurate with a rapidly changing risk environment
• Ability to respond to risks and issues quickly
• An innovative thinker and detail oriented
• Friendly and approachable
• Willingness to learn and undertake formal and informal training should it be required