IT Security Analyst (Asset management)
My client is a hugely successful and growing asset management firm. They seek an IT security analyst to supplement a growing team.
As a growing investment management company, they are looking to recruit a Security Analyst to join a small, dynamic and results-driven team.
We are looking for a Security Analyst who is proactive and has experience managing a varied workload. This role has a 50/50 split between business-as-usual and project-based tasks.
KEY RESPONSIBILITIES:
*Proactively developing the Group's cyber security controls, standards and procedures according to best practices, research and the latest threat intelligence data.
*Ownership, continual improvement and day-to-day monitoring of SIEM and other security systems to ensure incidents, real and potential, are quickly identified, responded to and resolved.
*Performing regular vulnerability assessments, reviewing system/ application configuration for weaknesses and managing the Group's penetration testing exercises. You will work closely with subject matter experts to mitigate risks to within acceptable levels.
*Providing resource to IT and business-led projects collaborating with the project team to define formal security requirements, performing technical design reviews and delivering practical solutions that support and enable successful project delivery.
*Assist in the development and maintenance of security policies, standards and procedures to support the Group's risk management framework and business strategy.
*Producing written reports, research papers, status updates and MI on request for management review in support of the security governance programme.
*Contribute to and support the security strategy.
*Maintain up-to-date knowledge of security threats, countermeasures, best practices and technologies.
EXPERIENCE REQUIRED:
*Previous experience in a similar role.
*UK Financial Services experience is preferred.
*Technical background is essential.
*Knowledge of SANS Critical Controls.
*Log and security event analysis and incident response.
*System configuration and hardening best practices (Firewalls, Microsoft Windows, Switches and routers, virtualisation technologies).
*Excellent understanding of anti-malware defence strategies, network/ communications, web and email security.
*Ethical hacking/ penetration techniques.
*Risk assessment methodology.
*Knowledge of ISO 27001 processes and best practices.
QUALIFICATIONS REQUIRED:
*Educated to degree level or equivalent.
*Industry certification such as SANS, CEH, OSCP, CCNA, CCNA Security, CISSP, CISM, CISA or equivalent.
SKILLS REQUIRED:
*Proactive and a self-starter.
*Practical and considered approach to solving security challenges.
*Professional at all times.
*Confident and assertive.
*Can plan, organise and prioritise workload effectively to meet tight deadlines.
*Performs well working as part of a team or alone.
*Strong analytical and problem solving skills.
*Excellent communication skills both verbal and written.
*Ability to be flexible whilst maintaining a professional and structured approach. 
Leave a Reply
You must be logged in to post a comment.