Cyber Security Analyst

Title: Cyber Security Analyst

Department: Cyber Security, Information Technology

Reports To: Cyber Security Manager

Work Patterns: Mon-Fri 9am-5:30pm (not Inc. Bank Holidays)

You will be required to pass a range of referencing and vetting checks, including a Criminal Record Check and for certain roles a Counter Terrorism Check. You must also have lived in the UK for at least 3 years with a 5-year work history, unless in education.

Main Purpose of Post:

The Cybersecurity Department at London Luton Airport provide support for all electronic communications systems at the site, as well as taking a leading role in delivering technology change / improvement projects and managing external support agreements.

The Cyber Security Analyst is required to focus on the detection, investigation and response to cyber security events and incidents. Other tasks involve BAU security tasks, supporting cyber security projects and assisting with regulatory compliance. The role will involve using a diverse security toolset and the successful applicant will build extensive experience in all areas of cyber security.

Main Responsibilities:

• Endpoint monitoring and analysis.
• Incident readiness and handling as part of the Computer Security Incident Response (CSIRT) team.
• Monitor and administer Security Information and Event Management (SIEM).
• Malware analysis and forensics research.
• Understanding/ differentiation of intrusion attempts and false positives.
• Investigation tracking and threat resolution.
• Vulnerability identification & mitigation / remediation.
• Compose security alert notifications.
• Help develop cyber security process & procedures.
• Advise incident responders & other teams on threat.
• Triage security events and incidents apply containment and mitigation/remediation strategies.
• Generate reports and document security incidents / events.
• Proactively monitoring the performance of systems, and make regular routine inspections of installed equipment and take corrective avoidance actions to prevent wider problems.
• Act as the point of escalation for the Service desk for security related tickets.
• Analysis of weekly vulnerability scans and update relevant records.
• Responsibility for the health, safety and wellbeing of yourself and colleagues in the workplace; supporting our journey to create an open and honest wellbeing culture at LLA.

Key Requirements for the Role:

Essential

• A well organised and structured approach to work planning, time allocation to tasks, and a flexible approach to daily routines to deliver the desired results.
• An ambition to constantly learn new skills and develop knowledge, with an understanding that study time outside of working hours may be required for career development.
• Credible knowledge/experience in Microsoft Windows Operating Systems.
• Credible knowledge/experience of Active Directory, Group policies, TCP/IP, DNS, DHCP and Exchange Server.
• Capable of effectively multi-tasking, prioritizing work, and handling competing interests
• Capable of analysing information technology logs and events sources preferred
• Working knowledge of data storage systems, data backup and restoration methods.
• Understanding of security tooling, its purpose and functionality (Anti-Malware, IPS, Web and Email Gateways, security analysis tools, web security tools, next generation firewall/UTMs)
• A team player with good work ethic, communication skills and a professional who maintains customer-service based approach.
• Ability to work independently while managing support to a high standard
• Contribute credibly to IT department’s delivery of SLAs and other support targets
• Self-motivated to advance own knowledge & gain formal qualifications
• Ability to analyse vulnerabilities, threats, designs, procedures and architectural design, producing reports and sharing intelligence
• Advanced knowledge of computer forensics; legal, government and jurisprudence as they relate to cybersecurity; operating systems; and methods for intelligence gathering and sharing
• Knowledge of Cloud computing, computer network defence, identity management, incident management and network security.
• Significant experience within a SOC environment
• Incident response experience
• Qualification / Certification in Cyber Security

Desirable

• IT Qualifications / Certifications such as CompTIA A+, Network+, Security+
• IT Helpdesk experience or knowledge
• Cyber Security Operation Centre experience
• Qualification / Certification in Cyber Security