Information Security Operations Analyst

Robert Walters
London, Greater London
Salary: £50000 - £60000 per annum

Overview

My client, a global professional services company, is looking for an Information Security Operations Analyst to join their growing team in London.

About the Security Operations Analyst Role:

The purpose of this role is to design new, mature existing and support the operation of cyber security controls and processes for the organisation, in line with cyber security risks and the cyber security policies and standards. This includes Identity & Access Management (IAM), working closely with the Security Operations Centre (SOC) for scheduled security compliance checking, security monitoring (SIEM and other), security incident management (in conjunction with Information Security), vulnerability management and KRI/KPI reporting.

Key Responsibilities:

- Develop a familiarity with new tools and best practices for security operations.
- Define, implement and maintain operational security processes.
- Review and mature the Identity and Access Management process in line with industry best practice.
- Review and approve access requests.
- In conjunction with the SOC, assist in the investigation of SIEM alarms, identify false positives and escalate incidents.
- Evaluate and implement new SIEM functionalities.
- Develop and maintain operational security KRIs/KPIs.
- Maintain technical documentation of operational security controls.
- Provide 2nd line incident response for security incidents.
- Assist in the development of new security policies and standards, and in changes to existing ones.
- Support internal and external audits of cyber security.

Knowledge, Skills & Behaviours Requirements:

- Hands-on experience in security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc.
- Extensive technical working knowledge of security systems including:
  - Network and application firewall reviews and approvals.
  - IDS/IPS systems.
  - Web proxies and content filtering.
  - Endpoint security including antivirus, host-based firewalls and execution control.
  - Authentication technologies (Active Directory).
  - Network Access Management.
  - Privilege Access Management.
  - VMware including VDI.
  - Vulnerability Management tools.
- Experience in leading security incident response including identification, preservation and interpretation of computer evidence.
- Familiarity with database and operating system security.
- Compliance monitoring.
- Defence in Depth techniques.
- Previous experience working in a technical information security role with similar responsibilities to the above.

Advantageous (not essential):

- Cloud Secrets Management (Cloud Vaults / Key Management & Rotation / MFA / Passwords).
- Public Cloud (AWS/Azure) security concepts (Virtual Networks/VPC, Log and Incident procedures).
- Splunk experience.
- A scripting tool such as Python.
- Security certification (e.g. CREST, SANS, CEH).

If the above is of interest, please apply to this job ad or call me on 0207 509 8040 to find out more.

This job was originally posted as www.totaljobs.com/job/89642118