Cyber Security Analyst

Detection and Analysis

Containment, Eradication

Recovery

Reporting

Remediation (Triage, Incident Handling and Threat Hunting)

In addition to monitoring and incident management, the position is responsible for providing cyber security subject matter expertise, service management, and hands on administration of advanced cyber security tooling as assigned. Specific service management and administration assignments will vary by individual and may include services such as System Information & Event and Management (SIEM), Vulnerability and Patch Management, Data Leakage Protection, User Rights Management, Conditional Access or CASB, Application Whitelisting, Firewall management, and Anti-Malware. The position also supports road mapping, projects and risk assessments, policy management, reporting, and cross-training. The role will require working within the Security Operations Centre (SOC) and requires flexibility across all times zones as it involves engagement with colleagues from all locations of the global business.

Monitor cyber information, events, alerts, and ticketing queues to identify security events and threats across multiple technologies to ensure security incidents are identified timely

Proactively research and maintain a proficiency in current and emerging threats, vulnerabilities and security technology developments

Evaluate and utilize intelligence for new threats and vulnerabilities to ensure protective monitoring is capable of detecting potential new attacks

Provide assurance of security posture through monitoring security system status

Respond to tickets and incidents as assigned

Support the incident and problem response process through to closure

Act as Level II SME escalation; work with internal and external individuals in preparation and when necessary, remediation/suppression

Support, maintain, and tune security tooling and systems as assigned

Support and maintain operational procedures and documentation

Ensure timely accurate communications of alerts to stakeholders responding to escalations, or will escalate if required as per the agreed processes

Work collaboratively with BIS teams to position information security as a key enabler within each service area

Make recommendations of countermeasures, mitigating controls, best practice configuration and processes to improve operational effectiveness and efficiency within security operations

Proactively support the secure delivery of BIS strategies and delivery objectives

Minimum 4 years of proven work experience as a Cyber Security Analyst or similar role

Minimum 2+ years hands-on firewall administration preferably in a SOC environment

Professional information security certifications such as CompTIA Security+, CEH, GIAC, CISSP, CISM, CCNA Security, CCNP Security or CISA required

Excellent communication skills with the ability to engage with a variety of different people

Strong analytical skills and problem-solving capabilities with attention to detail

Ability to work well with others, with an emphasis on virtual teams across multiple time zones

Recognize and respond to potential, successful, and unsuccessful cyber-attacks and compromises thorough reviewsand analyses of relevant event detail

Subject matter expertise in multiple security technologies and across the cyber security body of knowledge