IT Security Analyst

Posted 04 July 2024
LocationLondon
Job type Permanent
Discipline InfoSec
Reference756440

Job description


Are you looking for your first internal security role? Trident Search are working with a management consulting firm based in London who are looking for someone with solid foundational cyber security skills, covering engineering, security analytics and risk.
The organisation is based in London, and they have an abundance of technologies that need fine tuning to reduce the noise in their environment. Once this has been achieved, they look for further mature their security posture.

Job Responsibilities:

Threat Intelligence and Security Monitoring
  • Utilize advanced security tools to continuously monitor and analyze the organization’s networks and systems.
  • Stay current with the latest security and technology trends to anticipate and mitigate security challenges.
  
Vulnerability Management
  • Lead initiatives to identify, evaluate, and prioritize vulnerabilities in network infrastructures, applications, and integrated systems.
  • Collaborate with internal and external IT teams to ensure security patches and controls are effectively applied.
  
Incident Response and Forensics
  • Investigate potential security breaches and assist with compliance matters.
  • Conduct forensic analysis to identify root causes and implement corrective measures to prevent future incidents.
  • Contribute to the development of an effective security incident response strategy.
  
Compliance and Risk Assessment
  • Ensure adherence to necessary compliance regulations regarding information security and data privacy.
  • Assist in performing scheduled risk assessments and audits, recommending improvements in compliance, technical, and operational processes.
  
Policy Development and Implementation
  • Develop, manage, and implement comprehensive IT security policies, guidelines, and procedures.
  • Educate and train staff on compliance and security measures.
  
Stakeholder Engagement
  • Work closely with stakeholders, including management, IT support, and external partners, to enhance the organization’s security posture.
  • Present complex security issues and solutions to stakeholders at all levels.
  
Problem-Solving Skills
  • Ability to think analytically and strategically to navigate complex security challenges and provide practical solutions.
  
Communication Skills
  • Exceptional interpersonal and presentation skills, capable of explaining complex security risks and concepts to non-technical stakeholders.
  
Attention to Detail
  • Meticulous attention to detail with a commitment to achieving high standards of data security.
  
Technology Requirements:
Advanced Security Tools
  • In-depth knowledge of security platforms and services such as Cloud Firewalls, ZTNA (Zscaler), Anti-Virus/Malware (Cortex XDR), VPNs (Palo Alto), Remote Connectivity, Mobile Device Management, Password Managers (Keeper), MFA (Ping ID, Authenticator), and Email security (Mimecast, Proofpoint).
  
Network and System Security
  • Strong understanding of network protocols, certificate and encryption technologies (including Bitlocker), API security, hosted website security, and secure network architectures.
  • Experience with cloud security frameworks.
  
Microsoft and Azure
  • In-depth security knowledge of Windows OS, Office 365 suite, and Azure-based infrastructure (Entra ID, Conditional Access, Compliance, Defender, Data Vault).
  
Programming and Scripting
  • Scripting/PowerShell experience is desirable but not required.
  
Regulatory Knowledge
  • Extensive familiarity with global and regional regulatory compliance frameworks including ISO 27001, GDPR, and SOC 2.
  • Knowledge of industry best practices and experience in conducting internal audits is desirable.
  
Security Information & Event Management (SIEM)
  • Experience working with an IT Security Operations Center, ensuring relevant ingestion and processing of SIEM logs to provide meaningful alerts.
  • Working knowledge of Microsoft Sentinel and Splunk is desirable.
  
Corporate IT Applications
  • Strong knowledge of common business software and cloud-based services (e.g., Microsoft Office 365, Teams, Slack, Box, Asana, Jira).
  
Key Skills & Qualifications:
Education
  • Bachelor’s degree in Computer Science, Information Security, Cybersecurity, or a related field.
  
Experience
  • 3-5 years of experience in an IT security role with a proven track record in risk management, incident response, and security operations.
  • Experience in IT security within a SaaS/Cloud-based environment is required.
  
Certifications
  • Industry certifications such as CISSP, CISM, CompTIA Cyber Security Analyst+, and CompTIA Security+ are highly desirable.
  
If you are interested in your first internal security role, then go ahead and apply now.