Security Analyst (T3)
Role Definition
As a Security Engineer, you’ll be part of the IT Security team responsible for monitoring the business’s network and endpoints for malicious and anomalous activity. You’ll be responsible for designing, implementing, and maintaining security tooling and processes for CLIENT. You’ll assist in reviewing incidents to assess their risk and urgency, acting as a point of escalation for less experienced team members.
You’ll be actively involved in the software development process, advising developers on best practice and security architecture during development to ensure that CLIENT’s internal tooling is developed with security by design.
Key responsibilities & Accountabilities:
· Designing, implementing, and maintaining tooling and processes to enhance CLIENT’s IT Security posture.
· Advising developers on best practice and security architecture during development
· Conducting security reviews of software prior to release to ensure it meets CLIENT’s security requirements.
· Acting as an escalation point for investigation and resolution of events where more junior members of the team require support.
· Creation of SOPs, policies, and procedures relating to our Information Security practices.
· Assisting in the review and mitigation of vulnerability assessments, penetration tests and security audits, and working with IT to mitigate any identified risks.
· Assessment of vulnerabilities to identify the potential impact to CLIENT.
· Keeping up to date with the latest Cyber Security Trends and Updates
Skills & Ability
· An analytical thinker with excellent problem-solving skills
· High attention to detail
· Security Detection and Monitoring
· Incident Response
· SIEM tools (Azure Sentinel)
· Vulnerability Management
· Secure Software Development
Knowledge & Experience
· 1+ years’ previous experience working within the Cyber Security industry.
· Working knowledge of Windows & Active Directory (including Azure Active Directory)
· Hands-on work with Office 365 and Azure
· Networking, including TCP/IP and other common protocols.
· Use of SASE including Cato preferred but not essential.
· Experience in cyber forensics preferred but not essential.
· Working knowledge of security standards and frameworks
· Any Microsoft certification would be a bonus, but not essential.