Senior Cyber Security Analyst
Salary: Competitive
Location: Glasgow Head Office, 2 Lawmoor Street, Glasgow G5 0US
Shift Pattern: Days
Hours per day:
This is a Permanent vacancy that will close in 2 months at 13:50 BST.
The Vacancy
POSITION OVERVIEW:
This role will lead the implementation, development, and execution of Security Operations, protecting City’s users, infrastructure, and data from a range of threats. You will monitor networks and systems, detect security threats ('events'), analyse and assess alarms, and report on threats, intrusion attempts and false alarms, either resolving them or escalating them, depending on the severity. You will also take the lead and provide a focal point for a range of security-related activities such as compliance with policies and standards, vulnerability management, monitoring and reporting, risk and threat assessment, incident response, business continuity and disaster recovery, supporting plans to develop and improve Cyber Security and compliance with ISO27001, GDPR and other standards and regulations at City.
PRINCIPAL TASKS AND RESPONSIBILITIES
1. Have a good knowledge of the latest security and technology developments and be committed to staying current with technology trends.
2. Research/evaluate emerging cyber security threats and ways to manage them.
3. Plan for disaster recovery and create contingency plans in the event of any security breaches.
4. Monitor for attacks, intrusions and unusual, unauthorised or illegal activity.
5. Test and evaluate security products.
6. Design new security systems or upgrade existing ones.
7. Use advanced analytic tools to determine emerging threat patterns and vulnerabilities.
8. Identify potential weaknesses and implement measures, such as firewalls and encryption.
9. Investigate security alerts and provide incident response.
10. Monitor identity and access management, including monitoring for abuse of permissions by authorised system users.
11. Liaise with stakeholders in relation to cyber security issues and provide future recommendations.
12. Generate reports for both technical and non-technical staff and stakeholders.
13. Maintain an information security risk register and assist with internal and external audits relating to information security.
14. Monitor and respond to 'phishing' emails and 'pharming' activity.
15. Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues.
16. Give advice and guidance to staff on issues such as spam and unwanted or malicious emails.
17. Set team goals and technical direction while ensuring that they align with the goals of the Technology and Information Security roadmaps.
18. Set personal goals for each team member as well as direction while ensuring they are aligned with team goals.
19. Implement effective engineering processes and policies that emphasise quality and forward progress.
20. Manage 3rd parties.
SKILLS/EXPERIENCE
CRITERIA
ESSENTIAL
DESIRABLE
Professional/Academic/Vocational Qualifications
21. Degree level qualification or equivalent experience in Cyber Security or Network and System Administration
22. SSCP or CISSP
23. CISM
24. CompTIA Security+
Specific Knowledge
25. Cyber security essentials
26. ISO 27001/22301
27. Microsoft 365/Azure
28. Ethical Hacking/Purple Team Activity
29. SIEM Management
Specific Skills
30. Network and application firewalls
31. Host intrusion prevention and anti-virus
32. Malware sandboxing reports
33. Security tooling (Windows & Cloud environment)
34. XDR, EDR, email & remote access security
35. Content filtering (web/email)
36. Cloud Security (SaaS, PaaS, IaaS)
37. Anomaly detection
38. O365, Azure, MS Intune, Identity Management
39. Cyber-attack techniques, vulnerabilities, and mitigation strategies
40. MITRE ATT&CK and NIST frameworks
41. Automation and Orchestration of applications and infrastructure
42. An understanding of the cyber security risks associated with various technologies and ways to manage them
Demonstrated Behaviours
43. Business sense
44. Communicate Up, Down, and Across All Levels of an Organisation
45. Pragmatic and flexible approach
46. Problem-Solver
47. Excellent interpersonal skills
48. Creativity
Experience:
49. 5+ years in IT Security or IT
50. 4+ years in SOC Analyst, Cyber Threat Hunter, Investigations, Analysis, or Campaign Tracking
The Company
In 1985, husband and wife Willie and Susan Haughey established City Refrigeration Holdings. The pair set out with one goal – to make a positive change in the facilities management industry.
The Haugheys founded their enterprise on the values of collaboration and transparency, replacing client/contractor relationships with long-term, mutually beneficial partnerships. Each partner receives a unique strategy, shaped by the needs of the business and implemented by a bespoke, self-delivered model.
It is this focus that has allowed the City Group to grow from its humble beginnings into one of the world’s most trusted facilities management companies. The business now employs over 12,000 people and has established divisions across Europe, Australia, North America and Asia. It has also diversified the services it offers to include maintenance and engineering, technical procurement and support, cleaning and ancillary services across retail, residential and commercial markets.
Now more than three decades into its story, City remains rooted in the core values established by the now Lord and Lady Haughey and remains passionate about sharing its unparalleled professionalism, quality, customer service and value with partners around the globe.