IT Security Analyst required for a leading client in Uxbridge
The IT Security analyst will work as part of a team responsible for developing and delivering a programme of information security controls. In addition the analyst will provide expertise and assurance that existing controls are maintained, by close collaboration with the IT Infrastructure and Service Delivery teams.
SKILLS & KNOWLEDGE
'€¢Understands how cyber threat operate, the common types of attacks facing organisations and the key technical countermeasures to mitigate them. Practical hands-on experience in either offensive or defensive technical security is a distinct advantage,'€¢Can undertake and produce a documented business impact analysis and risk assessment,'€¢Can perform architectural security reviews to identify design weaknesses and provide recommendations to ensure a robust security design,'€¢Is capable of configuring (infrequent requirement) and reviewing security technology configurations (e.g. audit policies, firewalls, anti-malware, intrusion prevention) to assure their effectiveness,'€¢Can write at minimum small scripts to query Microsoft Active Directory, servers or workstations (e.g. to report on local admin membership) or to parse files to extract information (e.g. parse exported firewall logs to extract specific data),'€¢Can create and implement Microsoft AD Group Policy Objects (GPO).'€¢Implemented and/ or operated vulnerability assessment (VA) tools,'€¢Performed vulnerability assessments to identify vulnerabilities in Windows client and server OS, applications, network, storage and cloud infrastructure,'€¢Exposure to penetration testing methodologies or performing small assessments is considered an advantage.'€¢Has knowledge of and can recommend security controls to mitigate specific risks or issues based on best practice control frameworks including ISO 27001, CIS or NIST.'€¢Performed architectural level security risk assessments of systems/ applications, provided solutions to mitigate risks and managed the treatment of risks through to completion,'€¢Has implemented or worked hands on with common security technologies including but not limited to firewalls, anti-malware, email security, intrusion prevention systems, application white listing and log monitoring,'€¢Has implemented or supported the delivery of operating system and application hardening,'€¢Has scoped, managed and coordinated penetration tests,'€¢Developed cyber security incident use cases and response processes and procedures,'€¢Managed and/ or provided the lead for security incident investigations.
Due to the volume of applications received for positions, it will not be possible to respond to all applications and only applicants who are considered suitable for interview will be contacted.
Proactive Appointments Limited operates as an employment agency and employment business and is an equal opportunities organisation
We take our obligations to protect your personal data very seriously. Any information provided to us will be processed as detailed in our Privacy Notice, a copy of which can be found on our website http://proactive.it/privacy-notice/