A fantastic opportunity has come up at a Highly-Innovative Commercial Bank for a Cyber Security Operations Analyst II. This is a permanent hybrid position based in the City of London.
About the company
Their clients are the game changers, leaders and investors who fuel the global innovation economy. They're the businesses behind the next medical breakthroughs. And the visionaries whose new technologies could transform the way people live and work.
They come to the organisation for their expertise, deep network and nearly forty years of experience in the industries they serve, and to partner with diverse teams of passionate, enterprising, dedicated to an inclusive approach to helping them grow and succeed at every stage of their business.
Join them and be part of bringing their clients' world-changing ideas to life. They have the opportunity to grow and collectively make an impact by supporting the innovative clients and communities they serve. They pride themselves in having both a diverse client roster and an equally diverse and inclusive organisation. And they work diligently to encourage all with different ways of thinking, different ways of working, and especially those traditionally underrepresented in technology and financial services, to apply.
About the role
The Cyber Security Operations Analyst will protect the company by providing timely response to cyber security threats, incidents, and requests for investigation using industry leading tools and practices. The analyst will assist in the development of runbooks and processes to streamline the investigations and provide accurate and consistent documentation and response to security events. The analyst will continuously train to be apprised of emerging technologies, threats, attacks, and countermeasures.
KEY RESPONSIBILITIES:
Independently monitor and triage cybersecurity alerts in a case management system
Identify opportunities to tune signatures and alerts and make recommendations to senior analysts
Independently investigate, respond, escalate, and document findings for cybersecurity incidents with guidance from more senior analysts
Review and provide quality control input for closed cybersecurity cases and incidents
Work with various teams and stakeholders to mitigate cybersecurity incidents
Follow documented processes independently and update runbooks and documentation accordingly
Search for threat indicators based on targeted threat hunts provided by the cyber threat intelligence team
Participate in continuous learning and department training exercises (tabletop, blue and purple team, etc.)
Monitor events in cyber security instrumentation through direct access and central log management
Participating in an on-call pager rotation for responding to high urgency alerts
KNOWLEDGE:
Cybersecurity best practices and trends
Cybersecurity incident response lifecycle and methods
Mitre Attack Framework
Cybersecurity risks and controls
Networking and TCP/IP protocol
Windows and Linux operating systems
Cybersecurity architectures and methodologies (Defense in depth, Kill-Chain, NIST, OWASP, etc.)
Amazon Web Services
Indicators of compromise (IOC) and Tactics techniques and procedures (TTP)
SKILLS:
Analyze application, system, and security logs from any log source
Document forensic investigation and research findings
Demonstrate clear written and verbal communication
Work well independently without in-person supervision
Collaborate with team members across separate geographic locations
Work well under pressure of cybersecurity incidents
Build relationships with individuals across the organization
REQUIRED EDUCATION & EXPERIENCE:
Bachelor's degree in a technical field (cybersecurity, information technology, computer science, computer engineering, etc. ) or commensurate experience in a technical job role
Experience within a cybersecurity role
CERTIFICATIONS:
Certified Information Systems Security Professional (CISSP) or Associate of (ISC)²
Certified Cloud Security Professional (CCSP)
Systems Security Certified Practitioner (SSCP)
GIAC Security Essentials (GSEC)
GIAC Certified Intrusion Analyst (GCIA)
GIAC Certified Incident Handler (GCIH)
GIAC Certified Enterprise Defender (GCED)
GIAC Continuous Monitoring Certification (GMON)
GIAC Certified Forensic Analyst (GCFA)
GIAC Advanced Network Forensics (GNFA)
CompTIA Security+
CompTIA Advanced Security Practitioner+ (CASP+)
Certified Ethical Hacker or Computer Security Incident Handler (CSIH)
EnCase Certified Examiner (EnCE)
Access Data Certified Examiner (ACE)
AWS Cloud Certified Practitioner
AWS Cloud Certified Practitioner
AWS Certified Solutions Architect or Associate
AWS Security Specialty