Cyber Security Analyst (Cloud)
From architecture to implementation, we are immersed in I.T. As one of our core specialisms, it is an area in which we have placed a broad range of talent. From developers bringing a Java project over the line to C-suite execs overseeing the cybersecurity of entire portfolios, we have matched candidates with some of the country’s biggest corporations, as well as its coolest consultancies. Under the umbrella of I.T. and business change, we have also been part of some spectacular business change and transformation initiatives in industries like retail, utilities, defence, telecoms, finance and banking.
Cyber Security Analyst (Cloud) – Halifax
A brilliant opportunity has become available for a Cyber Security Analyst to join an innovative & well-established Insurance Provider. This is a great opportunity to join our growing, dynamic organisation working with a friendly, skilled team where you will be well looked after and encouraged to learn, progress and grow within your role.
Who are we?
This opportunity is with one of the UK’s well-established insurance providers, serving over 1.8 million policy holders at a value of £700 million. With a history of success dating back 50 years, 7 offices across the UK and a multitude of high-calibre awards, this organisation aims only to be at the very top of what it does.
As a Senior Cyber Security Analyst sitting within the wider SecOps function, it will be your responsibility to maintain an efficient and secure environment that protects customer, financial and intellectual data in line with regulatory and customer expectations. You will also be responsible for monitoring all traffic that flows in and out of a client’s organisation, ensuring that threats are limited and any malicious activity is kept at bay. If you are analytical by nature, have a desire to work hard, are eager to expand your technical knowledge and love a challenge, then this may just be your dream role!
- Operating the Security Information and Event Management system to detect and report on threats and issues.
- Performing daily and weekly monitoring tasks, managing alerts and follow-up actions.
- Continually developing and improving monitoring and reporting procedures.
- Maintain and improve the proactive and detective cyber security technologies and associated processes.
- Auditing IT systems and processes for compliance and performing fixes and updates where relevant.
- Designing and executing vulnerability assessments, managing penetration tests and security assessment/audits, working with IT to recommend and help mitigate identified risks.
- Analysing, reviewing and reporting on identity and access governance processes and the use of privileged (e.g. admin) accounts.
- Assisting in the development of security standards, baselines, guidelines and procedures.
- Leading investigations into alleged or actual breaches of security by collating and analysing information and producing assessments and reports.
- Manage intrusion detection/protection systems, firewalls, web filtering solutions, antivirus and anti-malware services.
- Maintain the most appropriate security designs to support the firm, conduct reviews regularly taking into account established best practices and new technologies.
- Keep up to date on the latest security technologies and solutions and conduct research into their potential application in the firm.
- Work with the wider technical teams to review code and recommend remediation of vulnerabilities in line with best practice.
What will you need?
- An awareness of cyber security related standards and regulations, for example, ISO 27001 and PCI DSS.
- Experience of configuration management tools, host virtualisation, SIEM tools, containerisation, vulnerability scanners, proxies, WAFs.
- Good understanding of cloud control management tools and processes.
- A knowledge and understanding of secure development (SDLC) methodologies and coding techniques.
- Experience of Agile working methodologies.
- Experience of SOC Implementations (ideally from cloud).
- Excellent documentation skills (process, control, policy, and risk documentation).
- Educated to Degree level in a relevant subject or undergone any equivalent professional certifications.
- Qualifications such as CISM, CISMP, CISSP, etc.
- Exposure to TCP/IP protocols as well as networking, troubleshooting, firewalls, configuration, monitoring, network packet capture and tcpdump / Wireshark.
- An advanced understanding of threat analysis, threat hunting & intelligence feeds.
- Knowledge of common internet protocols such as SMTP, HTTP & DNS.
In return, you will be offered a position in a great organisation with a people-first culture, along with a competitive salary and benefits.