Senior Security Operations Analyst

Our client is looking for a Senior Security Operations Analyst to assess the effectiveness of security and risk management controls, to detect security issues, events and incidents. The analyst will be able to recommend appropriate and proportional actions to keep their data and operations, as well as our customers' data, safe. The successful candidate must have the ability to analyse disparate pieces of technical and non-technical information, from a variety of sources and in many formats, in order to quickly and accurately assess the scope, severity and potential impact of a security issue or vulnerability, or event, or incident and to work with other internal teams to take appropriate action on a timely basis and, at times, under pressure. The role will real-time monitor security systems, telemetry and threats supplied by various tools and systems: Firewalls, Intrusion Detection and Prevention Systems (NIDS/NIPS, HIDS/HIPS), Log Monitoring, Traffic Inspection, Anomaly detection.. The Analyst will Monitor, react to, investigate and respond to all real or perceived information security and cyber related events, issues, incidents, threat and attacks within desired time scales. You will determine the severity of alerts and security vulnerabilities, assess potential impacts, recommend next steps, follow through with risk treatment and mitigation.

You will successful candidate will have

• Experience securing and monitoring On-premise and Cloud based, as well as SaaS / hybrid, environments (applications, infrastructure, operations, processes, etc).
• Expertise in taking policy statements and translating them into actual, implementable, security controls that can be monitored, audited and constantly improved. Ability to judge their effectiveness and recommend improvements.
• Good understanding and demonstrable hands on experience with operating systems and tools (Linux/Unix preferred) and fundamental Internet technologies (routing, switching, DNS, etc), in an enterprise or service provider environment.
• Scripting and automation: Good ability to read and understand logs and alerts, to use specialist tools and programming / scripting languages (Python, Shell, PowerShell, etc), to automate tasks.
• Good, practical, knowledge of information security and cyber risk management technologies, tools, applications and systems, for both Cloud (preferred) and On-Premise.
• Understanding of common information security management standards, frameworks, and laws / regulations: e.g. CIS Top20, ISO/IEC 27001, NIST 800-53, BSIMM, etc; GDPR, etc.

This is a very interesting and rewarding role working with a talented team. Please send in your word document CV to apply and more information.

Please note that due to a high level of applications, we can only respond to applicants whose skills and qualifications are suitable for this position.

No terminology in this advert is intended to discriminate against any of the protected characteristics that fall under the Equality Act 2010.

Bowerford Associates Ltd is acting as an Employment Agency in relation to this vacancy...... click apply for full job details