Information Security Analyst (Remote in the UK)

View full description

Requirements:

• Bachelor’s degree in information technology or a related field preferred
• Security certification such as Security+, GSEC, CompTIA CySA+, or Cisco Cyber Ops are desirable
• Demonstrated knowledge of information security concepts and best practices
• Understanding of InfoSec concepts such as cloud infrastructure, application security, vulnerability scanning, penetration testing
• Experience with SIEM tools, log observability, AWS and other infosec related apps and tools preferred
• Some experience with infosec testing tools and scripts
• Familiarity with SaaS application concepts: secure configuration, APIs, logging, access control, permissions, troubleshooting
• Some experience with business applications such as ERP, CRM, and IdP solutions
• Familiarity with Docker and containerization desirable
• Familiarity with implementing secure IT SaaS applications
• Knowledge of OWASP top 10 and MITRE ATT&CK Framework
• Knowledge of various operating systems: ChromeOS, Linux, Mac, Windows
• Ability to navigate the Linux command line
• Ability to write basic Python scripts desirable
• Strong verbal and written communication skills
• Excellent time management and organization skills
• Excellent analytical skills

Responsibilities:

• Responds to security alerts created across infosec alerting systems
• Escalates security alerts requiring further investigation
• Creates new security alerts and dashboards as needed
• Performs threat hunting across information security log feeds
• Creates Infosec policies, procedures, and playbooks
• Monitors, investigates and responds to security incidents
• Performs root cause analysis on identified vulnerabilities and incidents
• Conducts security reviews and penetration testing across company products and services
• Conducts vulnerability scanning and triages vulnerabilities across company products
• Monitors changes in the network and network activity for threats