Security Analyst
Recruiter
Listed on
Location
Salary/Rate
Type
Start Date
This job has now expired please search on the home page to find live IT Jobs.
Security Analyst required to work with a central Government Department based in Westminster, London. This is a 6 month contract, outside of IR35, paying up to £600
As the lead Security Analyst working on the Analytical Platform, you will join a talented S&P team of cyber security consultants, offensive security engineers, security operation engineers and strategic risk advisors that provide advice, guidance and direction to the whole of the business.
You will work closely with a cyber security consultant on the Analytical Platform to identify security gaps, advise on if and when they need mitigation, design security controls for proportional resolution and be the primary hands-on implementer for them, working with the Analytical Platform development team.
Most of the systems you may interact with are on AWS, but we also use Azure. We author in Python, JavaScript and Go. We version control with Git.
Main Responsibilities
* Develop and automate security capabilities
* Identify low-level through to strategic gaps in defences
* Advise on security measures that should be implemented
* Implement technical security measures
* Promote security awareness within teams
* Support technical security incident response
Essential Skills and Experience
* Experience with scripting threat and vulnerability management solutions, application security and using analytics to understand/influence such changes
* A good understanding of Python or another modern scripting language
* The ability to use AWS & Linux operating systems using non-graphical interfaces with ease
* Experience with securing AWS (in particular, IAM, S3 and EC2)
* Experience with securing Linux-based containers
* Experience with version control through Git
* Experience with proactively investigating, analysing, managing and mitigating/resolving security incidents
* Excellent communication skills
* Knowledge of web application (example include REST/gRPC, APIs, role-based access, OWASP Top 10) and cloud infrastructure vulnerabilities and common remediation techniques
* Knowledge of security monitoring, prevention and control systems including but not limited to firewalls, IDS/IPS, web proxies, antivirus and log correlation solutions
Desirable Skills and Experience
* Understanding of how technical security fits in within wider threat models
* Experience with securing Kubernetes
* Experience designing and implementing multi-account AWS structures
* Experience of security automation using a wider set of scripting languages, such as Perl, Python, Ruby, and/or Bash as well as the configuration of infrastructure with code automation (e.g. Atlassian tools, Ansible, Puppet, or Chef)
* Experience with version control software and job execution tools beyond Git, such as GoCD, Octopus, Jenkins, RunDeck, SaltStack
* Knowledge of security architectures, in particular for modern digital services
Please apply should you meet the above criteria
Michael Bailey International is acting as an Employment Business in relation to this vacancy.