Cyber Security Operations Analyst II

Location City of London
Discipline: Security & Compliance
Job type: Permanent
Salary: £80k per annum

​A fantastic opportunity has come up at a Highly-Innovative Commercial Bank for a Cyber Security Operations Analyst II. This is a permanent hybrid position based in the City of London.

About the company

Their clients are the game changers, leaders and investors who fuel the global innovation economy. They're the businesses behind the next medical breakthroughs. And the visionaries whose new technologies could transform the way people live and work.

They come to the organisation for their expertise, deep network and nearly forty years of experience in the industries they serve, and to partner with diverse teams of passionate, enterprising, dedicated to an inclusive approach to helping them grow and succeed at every stage of their business.

Join them and be part of bringing their clients' world-changing ideas to life. They have the opportunity to grow and collectively make an impact by supporting the innovative clients and communities they serve. They pride themselves in having both a diverse client roster and an equally diverse and inclusive organisation. And they work diligently to encourage all with different ways of thinking, different ways of working, and especially those traditionally underrepresented in technology and financial services, to apply.

About the role

The Cyber Security Operations Analyst will protect the company by providing timely response to cyber security threats, incidents, and requests for investigation using industry leading tools and practices. The analyst will assist in the development of runbooks and processes to streamline the investigations and provide accurate and consistent documentation and response to security events. The analyst will continuously train to be apprised of emerging technologies, threats, attacks, and countermeasures.

KEY RESPONSIBILITIES:

  • Independently monitor and triage cybersecurity alerts in a case management system

  • Identify opportunities to tune signatures and alerts and make recommendations to senior analysts

  • Independently investigate, respond, escalate, and document findings for cybersecurity incidents with guidance from more senior analysts

  • Review and provide quality control input for closed cybersecurity cases and incidents

  • Work with various teams and stakeholders to mitigate cybersecurity incidents

  • Follow documented processes independently and update runbooks and documentation accordingly

  • Search for threat indicators based on targeted threat hunts provided by the cyber threat intelligence team

  • Participate in continuous learning and department training exercises (tabletop, blue and purple team, etc.)

  • Monitor events in cyber security instrumentation through direct access and central log management

  • Participating in an on-call pager rotation for responding to high urgency alerts

KNOWLEDGE:

  • Cybersecurity best practices and trends

  • Cybersecurity incident response lifecycle and methods

  • Mitre Attack Framework

  • Cybersecurity risks and controls

  • Networking and TCP/IP protocol

  • Windows and Linux operating systems

  • Cybersecurity architectures and methodologies (Defense in depth, Kill-Chain, NIST, OWASP, etc.)

  • Amazon Web Services

  • Indicators of compromise (IOC) and Tactics techniques and procedures (TTP)

SKILLS:

  • Analyze application, system, and security logs from any log source

  • Document forensic investigation and research findings

  • Demonstrate clear written and verbal communication

  • Work well independently without in-person supervision

  • Collaborate with team members across separate geographic locations

  • Work well under pressure of cybersecurity incidents

  • Build relationships with individuals across the organization

REQUIRED EDUCATION & EXPERIENCE:

  • Bachelor's degree in a technical field (cybersecurity, information technology, computer science, computer engineering, etc. ) or commensurate experience in a technical job role

  • Experience within a cybersecurity role

CERTIFICATIONS:

  • Certified Information Systems Security Professional (CISSP) or Associate of (ISC)²

  • Certified Cloud Security Professional (CCSP)

  • Systems Security Certified Practitioner (SSCP)

  • GIAC Security Essentials (GSEC)

  • GIAC Certified Intrusion Analyst (GCIA)

  • GIAC Certified Incident Handler (GCIH)

  • GIAC Certified Enterprise Defender (GCED)

  • GIAC Continuous Monitoring Certification (GMON)

  • GIAC Certified Forensic Analyst (GCFA)

  • GIAC Advanced Network Forensics (GNFA)

  • CompTIA Security+

  • CompTIA Advanced Security Practitioner+ (CASP+)

  • Certified Ethical Hacker or Computer Security Incident Handler (CSIH)

  • EnCase Certified Examiner (EnCE)

  • Access Data Certified Examiner (ACE)

  • AWS Cloud Certified Practitioner

  • AWS Cloud Certified Practitioner

  • AWS Certified Solutions Architect or Associate

  • AWS Security Specialty