I am currently recruiting for an experienced security analyst on a 6-month contract to work for an insurance company based in Central London.
The purpose of the role is planning and implementing security measures to protect computer systems, networks and data. This includes analysing and assessing potential security risks, developing plans to deal with such incidents by putting measures in place such as firewalls and encryption, monitoring and auditing systems for abnormal activity, and executing corrective actions.
- Threat intelligence collection, analysis, and dissemination to SOC & IT Ops team members
- Forensic and malware analysis
- Harvest Indicators of Compromise (IOCs) and Tactics, Techniques, and Procedures (TTPs) to investigate if a threat has affected the environment
- Investigation of compromised assets
- Hunt through available logs to look for anomalous behaviours
- Work with third parties in order to effectively respond to Incidents raised and develop use case library
- Develop improved processes to reduce security incident detection time, as well as the time to contain an attack.
- Maintenance of Incident Response plans and procedures and development of incident response playbooks to ensure the availability of consistent response actions that can be utilised by Information Security staff.
- Maintain appropriate security technology stack (Check Point, FireEye, patching, vulnerability scanning) and ensure global coverage
- Undertake third party security audits and assessments.
- Maintain up-to-date knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.
- Perform risk assessments and testing of new systems and services to identify weaknesses in Security
- Work with your line manager to select, review and recommend security enhancements - for example, HIDS, Encryption, Full Packet Capture
- Build up threat intelligence information capability by joining sharing communities and subscribing to feeds.
- Developing metrics to demonstrate security coverage and highlight risks and issues
- Organise penetration testing and vulnerability scanning. Track and close outstanding actions
- Develop and maintain a secure, access-controlled repository
- Assist in supporting existing Network operations technologies
- 2-3 years of related information and cyber security experience within Financial Services
- Experience of defining security requirements for projects
- Flexible and co-operative team player.
- Good understanding of technology developments.
- Some experience of supporting Financial Services business.
- Interest in and awareness of modern computer security technical challenges.
- Scripting and programming
- Experience with security incident response including identification, preservation and interpretation of computer evidence
- IDS/IPS technologies
- Experience in the following technologies: Cisco, Blue Coat, Check Point Gateway & Endpoint, FireEye, McAfee ePO, SIEM, Dell SecureWorks, Darktrace
- SANS training beneficial
- A Global Information Assurance Certification (GIAC) Certified Incident Handler (GCIH), GIAC Certified Intrusion Analyst (GCIA), or equivalent certification would be advantageous
- Knowledge of Security Compliance Framework(s) such as ISO 27001 and NIST 800 Series
- Proven experience in securing Windows, Linux and VM platforms
- Proven Experience in writing technical and operational procedures
Please apply to the role for immediate consideration.