Job Openings Information Security Analyst

About the job Information Security Analyst

Job Description

  • Support the Chief Information Security Officer in performing key activities related to the Group information security program.
  • Perform horizon scanning and reporting in respect of security trends and developments that could be applicable to the Group.
  • Maintain technical knowledge of security tools and best practices concerning attacker tactics and techniques, response processes, and incident containment and remediation.
  • Monitor key security systems for potential incidents and security issues using various tools, such as endpoint analysis, SIEM products, and data loss prevention systems.
  • Interface with the firm's 24/7 managed cybersecurity services provider and incorporate relevant threat intelligence into awareness and operational practices.
  • Assist with implementing improvements in the security team's functions and capabilities, including enhancing processes such as incident handling, tooling, and general skills and knowledge.
  • Support the delivery of projects and ongoing tasks aligned with your role, such as rolling out new security tools.
  • Assist with conducting technical information security reviews to ensure a "security first" approach is followed across the organization, identifying areas for improvement and making recommendations to address identified issues.
  • Plan and perform security related testing of key systems to ensure agreed security requirements are successfully delivered.
  • Support the firm's response to security incidents from initial triage through to closure.
  • Work with Major Incident teams and the CISO to support investigations into security incidents.
  • Document incidents clearly and report upwards as required.
  • Support and manage the scoping of supplier work, such as penetration tests, build or network security reviews, and oversee the delivery of this work.
  • Provide support in the timely completion of client and supplier-related assurance activities.

Qualifications

  • At least 3 years' experience in a relevant technical Information Security role
  • Functional understanding of IT systems, including security and data privacy concepts and practices
  • A strong interest in cyber security and a desire to learn is essential.
  • Qualifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH) are desirable but not essential.