Cyber Security Analyst
Location: Remote working with once per month travel to London
Salary: £45,000 to £55,000 per annum
The business stands for dedication to clients, market firsts, and deep expertise in risk management. We've grown to become a leading global assurance provider, bringing together outstanding expertise in certification, customised assurance, cybersecurity, inspection and training.
While we're proud of our heritage, it's who we are today that really matters, because that's what shapes who we and our clients can become tomorrow. By staying true to our shared values and combining decades of collective experience, we support our clients in building a safer and more sustainable future.
The business currently operates across 50 countries, has more than 2,500 colleagues, generates £315m in revenue, and supports more than 60,000 clients across a diverse range of sectors and markets.
Role purpose
We are seeking a Cyber Security Analyst to join our Security Operations team within an expanding and dynamic Information Security function. The successful candidate will report to the Head of Security Operations and monitor our telemetry systems across networks, servers, and endpoints and respond to security threats.
We use an offensive security mindset. This means we focus on what hackers do, how they do it, and how we can prevent it and protect the business. As a security analyst working for the business you will be a part of our growing information security team, who all share a passion for technical security challenges. You will work on a variety of different technical assignments within the security domain. You will work with our team, which shares an affinity for and experience with security technology.
Location:
This role is hybrid based within the UK, with a mixture of Home and Office based working for collaboration, team building and workshops. We can support working from across the UK. All applicants will require residence in the UK.
Working Pattern:
This role will require you to work alternating early, mid and late shift patterns of no more than contracted 7.5 hours per day to cover a 12-hour working day across the team.
NOTE: This role is for the internal team, not part of the Managed Services Team.
To be successful you will have:
Essential:
- Experience in operating a Microsoft Defender security tooling stack: reviewing alerts and vulnerabilities, investigating incidents, and tuning our detection stack for optimal performance.
- Microsoft SC-200 Certified.
- Come from a penetration testing or security operations background and understand common attack techniques against Windows AD/AAD environments.
- A keen eye for detail and making sure that our processes and procedures are documented, appropriate, and practiced.
- Be calm under pressure and operate as the point of contact for security incidents, collaborating on our response and remediation work.
- Not be afraid to learn new tooling or technologies. A growth mindset is key to being successful with us.
- A keen eye for optimising existing security tooling and an aversion to buying unnecessary tools and technologies.
- A great understanding of attacker Tactics, Techniques, and Procedures (TTPs). You don't need to be a threat intelligence expert, but you should have some background in reviewing and understanding threat intelligence reporting.
- Be comfortable being a solo contributor, and being able to thrive working either on your own or across our team.
- Great creativity, imagination, and commitment to reducing security risks.
Desirable:
- Experience with Microsoft Sentinel and Zscaler security products.
- Hold Microsoft SC-300, SC-400 and/or SC-900.
- Experience and/or certifications in offensive security, such as OSCP or eCPPT, or experience on platforms such as HackTheBox or TryHackMe.
- Strong familiarity with tooling such as EDR, CSPM, PAM, NGFW, vulnerability management, and mail filtering.