Our client, one of the UK's leading energy providers, is looking to recruit a Security Analyst within their Enterprise Information Security Team.
The Security Analyst will maintain and support the enterprise IT environments and security technologies in order to provide a quality service to all the customers of IT. The post holder will be the recognised point of contact for day-to-day support in the Enterprise Information Security (EIS) Enablers Team within Enterprise IT. The post holder will be responsible for initial assessment and triage of ITSM tickets, conducting investigations and information gathering. They will engage with wider IT and business stakeholders and 3rd party supplier teams, coordinate the response to security-related tickets, and ensure appropriate investigations are conducted and reported to business stakeholders.
The post holder will help Enterprise IT meet our customers' needs by operating and maintaining cost-effective technologies and solutions required to manage information security risks and enable the business IT services across traditional data centre and Cloud environments.
The post holder is required to work within the following frameworks:
- IT technical, security and support frameworks;
- Supply Chain frameworks;
- Enterprise IT governance frameworks;
- Scaled Agile [SAFe v4.5 onwards] frameworks; and
- Lean Portfolio Management / Governance.
- Identify and implement enhancements to the products provided by the Enterprise Information Security team to improve service performance and add business value; maintain documentation and ensure knowledge sharing with relevant internal teams and support partners.
- Align security incident management (SIEM) to general incident management, disaster recovery and business continuity functions and emergency response teams.
- Advise and collaborate with Internal Audit, Risk, Legal, HR and Business Unit security teams throughout the organisation, support partners and external supplier teams as necessary.
Operational and Product Accountabilities
- Conducting initial triage of reported events; logging in the tracking systems and allocating a preliminary rating.
- Provide first line security operations and technical support for technologies including firewalls, Internet proxies, DLP, PKI, security log and event management systems and AWS and Azure security environments.
- Conducting methodical assessments of identified events, analysing the content, origins and recipients for malicious content, compromise, etc. This will include events from the data loss prevention service, email spam, phishing, etc.
- Assist with investigations arising from the events being recorded / managed. This will mean directly interacting with users, HR, 3rd Party Partners, etc.
- Be responsible for managing the inventory of security operations software and hardware assets, maintaining up to date software versions as recommended by vendors.
- Be responsible for performing system and infrastructure inspections on a regular basis (daily, weekly, monthly); monitor compliance to SyOps across multiple information systems or services.
- Be responsible for BAU changes (small scale) including within Cloud technologies, which are raised through the IT service portal.
- Use knowledge gained to identify opportunities to improve service performance and add business value; provide security operations reporting, including within Cloud platforms, for trends analysis.
- Reporting in relation to the incidents being monitored and managed, in time presenting a judgement on whether further action needs to be taken. Assess business impact of security incidents, communicate to business stakeholders and escalate decisions where appropriate.
- Be responsible for the management and assignment of resources to business projects through our client's agreed process. The Security Analyst may from time to time be asked to assist in the delivery of projects, both internal to the team and wider communities.
- Threat analysis including open source intelligence gathering to analyse and assess any threat to People, Process or Technology. Coordination with wider security teams and 3rd parties on security threats and response.
- Maintain lessons learned from security incidents, ensuring that root causes have been identified and appropriate corrective measures implemented. Provide input to new procedures for handling security incidents or for learning from them.
Skills & Qualifications
- Knowledge of ITIL or similar frameworks and best practices;
- Knowledge of security threats and trends;
- Excellent organisational skills;
- Ability to learn new technologies, including Cloud. Industry knowledge of security best practices;
- Ability to provide reporting and manage stakeholders including Enterprise Product Management, Release Train Stakeholders, Customers, Business Owners, etc.
- Good interpersonal and communication skills including verbal, written and presentation skills.
- Ability to articulate the different forms of threats and vulnerabilities to a range of information systems and assets (including industrial control systems).
- Ability to translate technical security concepts and threats into business language and impact, and apply a pragmatic consultative approach to find the right solution for the business.
- Ability to operate in outsourced IT environments and collaborate with multiple service providers to deliver business outcomes.
- Robust outlook on life and ability to work discreetly and confidentially (data involved can be very sensitive). Unquestionable honesty and integrity.
- Adaptable; be prepared to get involved in other aspects of the work undertaken by the Operational Security and Incident Management Team.
- Adhere to the requirements of our client's HR, InfoSec and other policies.
Qualifications and Experience
- Experience with ServiceNow, or other ITSM ticketing tools;
- Experience of working in IT functions, e.g. Cloud Computing, DevOps, IT Operations, Network Security Technologies, Client Computing Technologies, Application Architecture, Middleware and Integration Platforms and Operating Systems;
- Experience working in agile and DevSecOps environments. Knowledge of information security incident management in traditional IT, DevOps and Cloud computing environments (AWS and Azure);
- Understanding of Malware Families, Email & Networking protocols;
- Understanding of Computer Forensics or Malware Analysis;
- Good understanding of the Windows environment as well as a knowledge of Linux and Virtual Machines;
- It is a requirement of this role that the post holder either holds or can obtain and maintain Security Check (SC) clearance;
- Experience of working in a highly regulated environment (desirable);
- Experience of working with IT security compliance, risk and governance practices (desirable).
Please note: if successful, you will be employed by Manpower, working on a temporary ongoing basis with our client. The duration of the role is until the end of December 2021, with scope for extension for the right candidate. You will be expected to undertake a drugs and alcohol test as well as be security checked to BPSS and SC levels. There will be a requirement to go to various locations from time to time.
Key Benefits working with Manpower:
- 36 days holiday accrual (pro-rata) including bank holidays
- Company pension scheme
- Access to client facilities onsite
- Access to Manpower's online training platform 'powerYOU', giving you access to hundreds of online training courses
- Opportunity to be selected for additional upskilling and career support through Manpower's MyPath programme
- Dedicated Manpower Account Specialist to provide support during your assignment
This role is managed by our Manpower on-site team and is not related to the Bristol office. PLEASE DO NOT CALL BRISTOL OFFICE REGARDING THIS ROLE. If you have not heard from Manpower within 15 business days of submitting your application, then unfortunately your application has not been shortlisted at this time.