IT Security Analyst

IT Security Analyst - Permanent role - £41000 - £44000 per annum + Benefits - Central London - Hybrid

Job purpose:

Monitor security logs across the organisation. Assist the IT Security Manager to investigate security breaches and other cyber security incidents. Install effective security measures and operate software to protect systems and information infrastructure, including firewalls and data encryptions.

Key Accountabilities:

1. Effectively monitor the companies estate computer networks for security issues.
2. Ability to learn and apply new security concepts.
3. Investigate security breaches and other cyber security incidents, resolving them efficiently.
4. Install security measures and operate software to protect systems and information infrastructure, including firewalls and data encryption programs.
5. Clearly document security breaches and assess the damage they cause, whilst also making well-considered recommendations to avoid similar security breaches.
6. Collaborate well with the IT Security Manager to perform tests and uncover network vulnerabilities.
7. Assist with resolving detected vulnerabilities to maintain a high-security standard.
8. Research security enhancements and make well-considered and informed recommendations to IT Security Manager.
9. Examine security systems and web applications.
10. Monitor security access across the organisation.
11. Assist with conducting security assessments through vulnerability testing and risk analysis within good time and to a high standard.
12. Assist with performing both internal and external security audits.
13. Analyse security logs from various systems for breaches and make recommendations as appropriate.
14. Assist in verifying the security of third-party vendors and collaborating with them to fulfill security requirements.
15. Review daily security logs for abnormal events and escalate them to the IT Security teams in a timely manner.
16. Conduct technical vulnerability assessments and regular penetration testing of IT systems and processes to identify potential vulnerabilities and provide recommendations for risk mitigation.

Knowledge, skills and experience

Essential skills:

1. BSc in Cyber Security, Computer Science, or equivalent practical experience.
2. Demonstrable technical knowledge of hybrid estate.
3. Relevant experience of reviewing technical security events.
4. Skilled in implementing a robust and trustworthy security configuration for various devices, ensuring that all security protocols are effectively set up to protect against unauthorized access and potential threats.
5. Substantial experience of testing and reviewing security solutions.
6. Practical experience of effectively managing cyber incidents.
7. Strong reasoning and advisory skills, with the ability to effectively engage with and influence senior management.
8. Able to communicate confidently and effectively with staff at all levels in the organisation.
9. Able to collaborate well with third parties to understand critical security bottlenecks.
10. Strong knowledge of Microsoft Defender and network architecture.
11. Substantial experience in a Security Operations Centre (SoC), Network Operations Centre (NoC).
12. Strong understanding of Incident Response processes and methodologies and experience with MITRE ATT&CK framework to map and analyse threats.
13. Knowledge of Endpoint Detection and Response (EDR) platforms.
14. Familiarity with threat hunting techniques and processes.