We are looking for a security analyst to join our highly skilled team to take part in the development, implementation, upkeep and monitoring of security controls. The successful candidate will be passionate about security technologies and will have the curiosity and the ability to find loopholes at both a technical and process level. They will also be able to learn quickly and stay abreast of the latest tools and security methods or developments.  They must be able to use their own initiative in a fast moving environment with ever-changing business requirements. They will also work closely as part of the wider Infrastucture team.  

The role offers the opportunity to think strategically around data protection to meet regulatory and audit requirements as well as corporate standards ensuring that technology, security and infrastructure concepts are translated.   

Key Responsibilities

Security monitoring and incident management, through the use of security event management system, intrusion detection/prevention systems, vulnerability scanning tools, endpoint security solutions or other applicable sources.

Engage with the business and other teams to better understand how data is handled and exchanged.  

Translate business requirements into security and infrastructure concepts.  

Assess systems for vulnerabilities and recommend mitigations.  Support internal and external audits and implement recommendations

Install, configure, maintain and troubleshoot security devices or software, review designs at a software and network level and make recommendations.

 Improve operational visibility of data flows, system baselines and user activities.  Act as escalation point for security related incidents Periodic review and development of processes and policies to ensure they adequately support and facilitate business functions. Ensure the monthly tasks of the security calendar are completed and perform related duties as assigned by management.   Continuously document and improve the security of systems.  Maintain and improve system configuration Provide user training as required.

Desired Skills and Experience

  • Understanding of security concepts and principles
  • In-depth knowledge of Linux and Windows Operating Systems
  • Strong scripting ability with Bash and another such as Python or Ruby
  • Understanding of configuration management systems, ideally Puppet
  • Web application vulnerabilities
  • Knowledge of basic networking and TCP/IP
  • Monitoring of systems and dealing with large amounts of data.
  • Strong interpersonal and communication skills.
  • Ability to work effectively as part of a team and independently.
  • Minimum of 3-5 years of working in a Security role.
  • Active Directory and LDAP
  • Popular programming languages such as Java
  • Intrusion Detection systems
  • SIEM Technology
  • Fsecure Anti Virus
  • Web Filtering and DLP
  • Some knowledge of PCI DSS, DPA and ISO 27K standards
  • Awareness of security related legislation e.g. Data Protection Act
  • The Ideal candidate will have the ability to ‘see the big picture’ and think strategically around data protection to meet regulatory and audit requirements and corporate standards. Must have an ability to translate underlying technology, security, and infrastructure concepts to business requirements.
  • Professional security qualifications are desirable but not essential.