Cyber Security Analyst
Job Ref: CSA
Cyber Security Analyst
Rate: £500 – £550 per day (Outside IR35)
CVM are proud to be partnering with a leading name in the UK with multiple service lines including Finance, Insurance, Automotive, Leisure and Lifestyle services. We are looking for a Cyber Security Analyst contractor to deliver change with a view to reducing cyber risk.
This role is responsible for the interface between the Security Operations team and the Change Portfolio. This role is to ensure that the delivery of changes, whether new applications / infrastructure or changes to the existing landscape, are done with a view to reducing Cyber risk across the organisation. This role will work in conjunction with Service Introduction process in IT Operations to ensure that implementations are secure from vulnerabilities and are adequately monitored.
- Create an engagement and assessment / tri-age process, with associated documentation to make the engagement process re-usable
- Drive governance of SecOps and operational IT teams in the wider organisation to ensure the security requirements of the business are being met.
- Collaborating with IT Operations teams to ensure that requirements regarding tools and technology are communicated and understood.
- Working on the IT Foundation Portfolio and related Cyber Security Projects.
- Detection of vulnerabilities within the areas of these projects, by ensuring appropriate security scans are completed according to schedule for the defined in scope assets.
- Interacting with managed security service providers where applicable as well as overseeing the reporting of identified vulnerabilities to relevant teams so that they can be remediated and tracked effectively, escalating non-compliance where appropriate.
- Experience in engaging with a variety of stakeholders, inside IT and business change.
- Stakeholder management and interpersonal skills at both a technical and non-technical level
- Experience in creating process documentation.
- Experience in the use / implementation of AV / EDR and SIEM technologies.
- Strong knowledge of standard methods / systems for analysis and prioritisation of vulnerabilities e.g. CVE, CVSS.
- Knowledge, understanding and application of cyberattack frameworks e.g. Cyber Kill Chain, MITRE ATT&CK matrix.
- Strong knowledge of attacker tools, tactics and techniques, including privilege escalation, persistence and lateral movement techniques, common malware and exploit tools and techniques.
- Knowledge of how to manage cyber security risks and issues within a large or complex organisation.
- Ability to translate issues arising from security operations into risk / business language.
If this sounds of interest, please contact Nick at email@example.com
01264 326 315