Job Title: Security Analyst
Location: London
Salary: Up to £60k
Role Overview
You will be working as part of a global team to set and deliver the security strategy for the organisation and its core platforms. You will be helping to provide guidance and advice on ensuring a successful security strategy.
You will also be expected to address key operational aspects such as auditing, cloud security, risk management, End User Cyber Security Awareness, evaluation of new technology and supporting global initiatives. Along with this will be a need to be able to help respond to security questionnaires from clients and engage with vendors on new and existing solutions. This will provide a fantastic opportunity to get further hands-on experience with setting and managing security standards and controls, security governance and compliance .
Travel to other offices may be required from time to time.
Key Accountabilities
- Input to shape our Information Security strategy to stay abreast of the evolving threat landscape as relevant.
- Help define and implement the correct security controls across our product platforms.
- Support key strategic projects selecting and implementing tooling (for example SIEM tooling, DLP, Vulnerability Management).Supporting or running product evaluations to select new Information Security solutions
- Research current threats from a variety of sources to highlight those that pose a risk to the client
- Working with different teams to ensure any vulnerabilities are tracked through to remediation
- Investigating and resolving events generated by our SIEM solution
- Creating and delivering engaging cyber security awareness content
- Running regular internal auditing activity to discover vulnerabilities, threats, and breach of company security policy
- Learning, shaping, and executing our Cyber Incident Response process when necessary
- Assisting with daily checks of monitoring and logging systems
- Helping to ensure our Information Security policies and procedures remain up to date and relevant
- Upskilling a motivated network of Security Champions in tools and processes used by the Information Security team, allowing them to provide effective 24-hour first response
This list is not exhaustive and there may be other activities you are required to deliver.
Qualifications / Training (Desirable)
Skills, experience & qualifications required
- Information Security related certifications such as (CISSP, SSCP or CCSP)
- Excellent understanding of information security best practices.
- Ability to provide awareness training
- Securing Cloud platforms
- Monitoring and identifying suspicious or harmful activities
- Excellent communication skills and ability to engage with senior stakeholders
- Ability to document and report control failures and gaps to stakeholders
Work Experience
- Minimum three years' experience in an Information Security role
- Experience of working in an Enterprise IT team or a managed hosting environment / ISP beneficial
- Demonstrable Cloud ( AWS is preferable) expertise both from a policy/standards/delivery perspective and threat analysis and compliance reporting
- Experience using SumoLogic SIEM or similar SIEM solution
- Workplace Security experience including Google Workplace, Windows 10 and MacOS
- Any experience of achieving SOC2 compliance or similar