Senior Security Analyst
Senior Security Analyst
The Role
- Review IT changes and provide input to the Change Advisory Board
- Support Cyber Security Team in developing and maintaining an assessment to provide assurance on the adequacy and effectiveness of the IT control environment to meet company Information Security standards
- Manage Vulnerability scans (both Application and Infrastructure) and external PenTest engagements. Driving remediation efforts to reduce information security risks
- Manage external security vendors and outsourced service providers; ensure delivery and performance meet agreed SLA and KPI
- Perform research of new threats, assessment and analysis on Intrusion Detection and Prevention tools, Firewalls, Antivirus systems, proxy devices which requires demonstrable security incident response experience
- Create and maintain security operational reports for Key Performance Indicators and weekly and Monthly Metrics
- Conduct Project and Vendor assurance activities as required
- Execute daily adhoc tasks or lead security projects as needed
The Person
- Customer Focus
- Communication & Confidence
- Planning & Reviewing
- Attention to Detail
- Able to prioritize and effectively manage conflicting priorities
Technical Skills
- Working in the IT security and security operations fields;
- Solid understanding of Risk Management, DPA and EU GDPR, PCI DSS and ISO 2700x standards
- Excellent understanding of applications security and relevant standards (OWASP);
- Knowledge of cutting edge threats and technologies effecting Web Application vulnerabilities, Endpoints, Infrastructure and recent threats
- Good knowledge of networking technologies (OSI, TCP/IP, Routing and Switching, Firewalls, IDS/IPS, DDoS, DNS, Load Balancer)
- Good knowledge of various operating systems (Windows/UNIX)
- Demonstrable experience of performing both internal and external vulnerability assessments
- Previous experience in Project assurance is beneficial
- Computer Science Degree or similar preferred
- Certifications from EC-Council, GIAC, (ISC)² are preferred (CISSP, CISM, CEH, GCIA, CCNA- (Security) or above)
- Excellent communication skills, able to confidently converse with technical and non-technical stakeholders