Senior Cyber Security Analyst - City of London

£70,000 - £80,000 - IT/Information/Cyber Security
Ref: 30 Date Posted: Wednesday 10 Oct 2018
Company: Financial
Location: City of London
Salary: £70,000 - £80,000
Benefits: Generous
 

Overview of role

 
The Global IT Security & Technical Risk Operations group is currently looking for a Senior Cyber Security Analyst, based in the London head office, to act as the escalation point for security incidents within established Service Level Agreements.
 
The analyst will perform daily operational real-time monitoring and analysis of security events from multiple sources, including but not limited to events from Security Information Monitoring tools, network and host-based intrusion detection systems, network infrastructure logs, system logs (Unix & Windows), applications and databases. When security incidents have been identified, the analyst will need the appropriate knowledge to conduct computer forensic analysis, data recovery, eDiscovery, and other IT investigative work.
 
• Additional responsibilities will include performing documentation review and improvement, attending meetings as needed, and serving as front-line response for troubleshooting low-level engineering issues as needed.
• Collaboration with IT technical teams for issue resolution and mitigation
• Documentation of actions taken for audit, regulatory and legal purposes within approved event tracking system
• Communicate and escalate issues and incidents as required by process or management
• Collaboration with IT technical teams to deliver Information Security service improvements through project lifecycle
 
The Global Computer Security Incident Response Team (CSIRT) is a 24x7, follow-the-sun operation with members in key geographical locations. This position will be required to cover UK rotational weekday shifts between 08:00 and 18:00, plus rotational on-call cover on evenings, weekends and public holidays for security incident escalation.
 

Essential Skills

 
• A sound understanding of TCP/IP and networking concepts
• Solid and demonstrable comprehension of Information Security including malware, emerging threats, attacks, and vulnerability management
• Host level forensics
• Strong deductive reasoning, critical thinking, problem solving, and prioritisation skills
• Experience assisting the development and maintenance of tools, procedures, and documentation for the Computer Security Incident Response Team (CSIRT)
• Customer service including the resolution of customer escalations, incident handling, and response
• Subject matter expert (SME) in one or multiple areas such as Windows, Unix, firewalls, intrusion detection, threat detection analysis, or computer forensics
• Ability to think strategically, work with a sense of urgency and pay attention to detail
• Ability to follow detailed process and procedure documentation
• Ability to present complex solutions and methods to the general community
• Demonstrated ability to be reliable and flexible
• Excellent written and verbal communication and organisational skills
• Strong team player that collaborates well with others to solve problems and actively incorporate input from various sources
• Understanding of network design principles and knowledge of the OSI model
• Ability to rapidly find, assimilate and correlate information correctly while under pressure
• One or more of the following certifications: SANS GIAC, GCIA or GCIH, and/or CEH
• Experience working within a global team across time zones, cultures, and languages
 

Desirable Skills

 
• Working knowledge of UNIX/Linux
• Working knowledge of PowerShell
• Working knowledge of regex/YARA
• Working knowledge of malware forensic technologies
• Working knowledge of malware sandboxing technologies
• Working knowledge of vulnerability management products
• Working knowledge of SQL queries