Security Threat Analyst

Role Purpose

The Cyber Threat and Vulnerability Analyst (TVA) identifies and manages weaknesses and cyber threats in networks and software based on best practice, emerging threat landscape as it pertains to our business and IT footprint and then takes measures to strengthen security within our IT systems.This role will part of a growing team of Cyber Security professionals looking deliver a 3-4 year Cyber Transformation Program and will be core to our security strategy including the implementation of a SIEM and a Managed Security Service provider. The primary purpose of this role is to manage, respond and implement security controls to proactively prevent current and future cyber threats.Reporting into our Senior Security Engineering team they will work closely with Vulnerability Teams and wider IT teams and business units. This role will ensure that any findings are brought to the attention of the business and will work within the cyber security function to prioritize and remediate threats liaising with other parts of the organisation to assure remediation is carried out in accordance with policy.

Tasks and Responsibilities

General Duties and ResponsibilitiesThreat Analysis

• Monitor and analyse external and internal cyber threats to assess risk;
• Analyse the likelihood of emerging threats and what the potential impact could be to the organization;
• Consolidate cyber threat intelligence feeds into our Microsoft environment;
• Analyse and improve internal and external risks and security controls to assure existing security posture;
• Provide requirements to influence cyber threat mitigation strategies;
• Support investigations in security events/incidents;

Vulnerability Management

• Collaborate with the vulnerability team to conduct vulnerability scans for our environments (Cloud Services, On-Prem, End Points).
• Co-ordinate responses to dealing with critical vulnerabilities.
• Review and analysing vulnerability data to identify trends and patterns and risks to the business.
• Advising employees responsible for remediation on best practice remediation.
• Influence the development of vulnerability management standards and security policies.
• Operate vulnerability management processes, suggesting applicable change controls, and security exceptions.
• Continually improve vulnerability reporting and monitoring solutions.
• Maintain and update process guides and assist with reporting to leadership and service stakeholders.
• Perform risk-based technical assessments on technical vulnerabilities.

Incident Management

• Assist and support the manager in event/incident handling and investigations;
• Support the Critical Incident Management process for cyber related events.

Collaboration and Effective Communication

• Communicate regularly with the Service Delivery managers and Service Delivery team members;
• Ensure that the IT Security documentation is maintained and updated regularly as required;

Requirements

Knowledge and Experience

• Recent and relevant experience of threat and vulnerability management in the UK Defence or commercial sector.
• Experience of working in a diverse Global Company;
• Excellent knowledge of security solutions and technologies including Network Firewalls, proxy technologies, EDR, SIEM;
• Understanding of SASE solutions and cloud-based service delivery of traditional security controls;
• Knowledge of Intrusion detection/prevention systems (IDS/IPS/WAF) and vulnerability assessment tools;
• Excellent knowledge of Computer Networking and IT Security and strong endpoint and networks troubleshooting skills;
• Track record of working within an IT security infrastructure (network and servers) and services, including Cloud computing
• Excellent knowledge of different threat scenarios, incident response and remediation techniques;
• Experience with Security frameworks, ISO 27001, Cyber Essentials, NIST, PCI;
• Experience of investigating security issues/incidents.

Qualifications and Specialist Skills

• Desirable qualifications Microsoft Security qualifications AZ-500, SC-200, SC-400, SC-300, GIAC Enterprise Vulnerability Assessor, GIAC Cyber Threat Intelligence, GIAC Security Operations or equivalent demonstrable experience (Training will be provided);
• Good communication skills and ability to articulate subjects clearly;
• Proven analytical and problem-solving skills;
• Strong documentation skills;
• Organized, methodical and self-motivated;
• Keeping abreast of industry trends and security technologies.

Career Framework Level - Band E. Application closing date for Control Risks employees 28 September 2022

Benefits

• Control Risks offers a competitively positioned compensation and benefits package that is transparent and summarised in the full job offer.
• We operate a discretionary global bonus scheme that incentivises, and rewards individuals based on company and individual performance.
• Control Risks supports hybrid working arrangements, wherever possible, that emphasise the value of in-person time together - in the office and with our clients - while continuing to support flexible and remote working.
• As an equal opportunities employer, we encourage suitably qualified applicants from a wide range of backgrounds to apply and join us and are fully committed to equal treatment, free from discrimination, of all candidates throughout our recruitment process.

Apply for this job