Information Security Analyst

To support and enhance GSFs cyber security operations through proactive monitoring threat analysis and control improvement.

The Information Security Analyst is a technically capable and detail-driven individual who ensures that controls monitoring and response mechanisms are both effective and continuously improved.

This role requires precision integrity and the drive to do what is right not what is easy.

Monitor daily cyber security operations including KnowBe4 / PhishER XDR incidents FortiAnalyser and associated support tickets.

Maintain effective tracking and monitoring formats ensuring all activity and incidents are accurately logged in the ticketing system.

Assist with the operation and analysis of alerts from SIEM XDR and related detection platforms.

Support security monitoring of firewalls web filtering and IPS / IDS controls; understanding of their configuration is desirable.

Conduct vulnerability scanning using tools such as Tenable or ManageEngine escalating or resolving findings as appropriate.

Ensure the GSF estate remains patched against vulnerabilities and aligned with best practice standards and accreditation.

Maintain and improve log ingestion pipelines including syslog custom parsers and API integrations to enhance visibility and automation.

Support the management of security incidents in coordination with relevant stakeholders.

Assist with the development of automation playbooks and webhooks to improve response efficiency and consistency.

Help document and implement mitigation measures contributing to post-incident reviews and lessons learned.

Participate in penetration test preparation remediation tracking and validation activities.

Support administration and policy management within Microsoft 365 including Purview Entra and Intune.

Contribute to Active Directory security reviews access control improvements and privileged account auditing.

Assist with compliance activities internal audits and participation in third-party or client security assessments.

Support vendor due diligence and maintain supplier risk documentation.

Maintain awareness of and alignment with frameworks including Cyber Essentials ISO 27001 and related standards.

Ensure documentation evidence and audit trails are maintained to demonstrate control effectiveness and compliance.

Contribute to the secure design and review of systems and applications by applying Secure Development Lifecycle principles throughout change and deployment processes.

Support education through phishing simulations and awareness campaigns.

Contribute to the development and delivery of clear engaging security materials for both technical and non-technical audiences.

Promote positive cyber behaviours and act as an ambassador for information security across the business.

Apply PowerShell or Python scripting to improve automation reporting and response processes.

Support Privileged Access Management (PAM) and Identity Access Management (IAM) activities.

Develop hands-on experience in endpoint detection and response (EDR / XDR) platform tuning and maintenance.

Proven understanding of security best practices and implementation across enterprise environments.

Hands-on experience with:

• SIEM XDR and log ingestion (syslog APIs parsers).
• Mail gateways and phishing protection (KnowBe4 PhishER Mimecast).
• Privileged Remote access and VPN solutions
• Firewall and web filtering solutions with an understanding of networking and infrastructure.
• Vulnerability management tools (Tenable ManageEngine).
• Microsoft 365 stack as well as Active Directory and Group Policy.
• Penetration test engagement and remediation processes.

Awareness of Cyber Essentials ISO 27001 GDPR and data protection requirements.

Precise and articulate communicator with strong documentation standards.

Analytical thorough and structured approach to problem solving.

Demonstrates integrity and a clear commitment to doing what is right.

Strong stakeholder engagement and collaboration across IT and business teams.

Proactive hands-on mindset with the ability to learn and adapt quickly.

GSF Car Parts is one of the UKs leading automotive parts distributors supplying thousands of independent garages throughout the UK and Ireland with parts tools garage equipment and specialist training. The group has over 175 branches nationwide and a turnover exceeding 475 million. Built on the heritage and success of a dozen local brand identities acquired over several years we have traded as one brand since November 2021. Our branch network is bolstered by centralised support and expertise from specialist departments in key areas such as procurement and supply chain marketing and national accounts. The business also benefits from integrated IT systems which include our industry leading catalogue system Allicat and access to the Groups national garage programme Servicesure.

Key Skills: IT Experience,Splunk,IDS,Cybersecurity,FIPS,PCI,NIST Standards,Information Security,Encryption,FISMA,RMF,Siem

Employment Type: Full-Time

Experience: years

Vacancy: 1