Online since 1999 | 8,881 IT Jobs Live NOW

Security & Vulnerability Analyst

Premium Job From Freshfields
Recruiter: Freshfields
Listed on: 13th September
Location: Manchester
Salary Notes: Negotiable
Type: Permanent

Role summary/purpose of job

The IT Security Operations Team designs, implements and maintains wide range of Security services and tools including but not limited to; Firewalls, Secure Remote Gateways, Network Segmentation systems, IPS, Web Filtering solutions, multi factor Authentication and Privileged Access management tools, endpoints security tools as well as SSL Certificate Management systems and encryption tools. The team also responsible for Vulnerability Management and remediation planning activity in aim to keep on top of new and existing threats and make sure we keep our environment and Data safe and compliant with Security Policy.

Working in a "DevOps like" operating model, the Security Analyst is recognized as the subject matter expert supporting the wider teams across infrastructure and core platforms; ensuring the firm's new and existing security and vulnerability management technologies run efficiently and effectively on a day to day basis whilst at the same time evolving the service delivered by the team's function to adapt to an ever changing environment.

Key responsibilities and deliverables

Technical Responsibilities

  • Takes a leading role in day to day vulnerability management activity.
  • Review scan reports, identify vulnerable components and its owners, help apps/system owners to perform an initial security risk analysis and create remediation plan.
  • Look after vulnerability dashboard and make sure we have up to date vulnerability info visible for Apps/System owners and prepare reports for IT Senior Management and Information Security Group.
  • Work closely with ISG (Information Security Group) under review of new/emerging vulnerabilities/threats and help with initial prioritisation and remediation.
  • Help Apps/Service owners to prepare and execute remediation plans or design and implement compensation controls to cover an existing vulnerability.
  • Gather security notifications from our vendors and perform an initial analysis and reports.
  • Aid ISG with security incidents investigation and problem resolution.
  • Review/update an existing Vulnerability processes and procedures.
  • Take a leading role and act as a bridge between ISG, PMO and IT Infrastructure
  • Make sure that all critical Apps/Services configured to submit required security/apps logs to SIEM.

Key requirements

Essential

  • Good working knowledge of Vulnerability scanning and management platforms.
  • Have strong organisational and communication capabilities.
  • Working knowledge of - Rapid7/Tenable/Qualys Solutions, vulnerability and patch Management tools (SNow).
  • Extensive Knowledge of Security modern threats, Cyber attacks vector and Indicators of compromise (IOCs).
  • Good knowledge around information security best practices
  • Knowledge of OWASP top 10 and software development security controls.
  • Public Cloud security controls.
  • Good understanding of Network and IT Infrastructure security best practice and hardening methodology.

Desirable Experience

  • Professional Service experience
  • Prior, multicultural and/or global organisation experience
  • Experience of operating in a DevOps environment

Desirable Technical Skills

  • Network Security Services: Web/Email filtering, Firewalls, VMware NSX platform, MFA and PAM tools.
  • Experience of conducting penetrations tests
  • Knowledge of 2nd and 3rd layer protocols.
  • Knowledge and experience of current Windows server operating environments

Desirable Qualifications

  • ITIL Service Management Foundation certification (or equivalent)
  • CISSP
  • CCNA
  • Juniper - JNCSP, any JNCP security track certification

Inclusion

Freshfields is an equal opportunities employer and all applications received by the firm will be considered by the firm on the basis of their merit alone and we welcome applications from all suitably qualified individuals regardless of background. All offers of employment will be conditional on the candidate having/securing the right to work in the UK and providing the firm with evidence of that right (as required by the Immigration, Asylum and Nationality Act 2006) prior to employment commencing.

Freshfields is a Ban the Box employer. We ask applicants to disclose criminal convictions only when a conditional job offer is made. A conviction does not automatically lead to withdrawal of the offer: we make decisions on a case by case basis and take a number of factors into account (e.g. the role you are applying for and the circumstances of the offence). You would have the opportunity to discuss the matter with us before we make a decision.

Contact Name:
Reference: TJ/6199/2100009X_1631538659
Job ID: 2977825



Browse all skill types