Are you ready to Take On your Placement?
Working as part of the Security Incident Response Team, the Placement Security Analyst will learn how to respond to and investigate events generated by our security controls. You will help ensure that Security Incidents are promptly identified, contained and eradicated, working closely with IT, our security partners and the wider business to do so.
The successful candidate will learn how to use our SIEM and other security controls to identify potential threats and then use all of the controls and resources at their disposal to determine what steps need to be taken to contain and eradicate confirmed threats. You will be shown how to ensure that any forensic evidence is correctly captured and stored in case it is required for future reference. Following any incident, you will work with the other teams involved to identify opportunities to improve our controls and processes, making recommendations for addressing any lessons learned and implementing them where appropriate.
The role involves participating in a shift rota.
Key Responsibilities
1. Assist in continuously monitoring Next’s technical security controls in order to promptly identify and investigate potential threats.
2. Learn how to operate and maintain key security controls used by the Security Incident Response Team.
3. Understand how to respond to Security Incidents ensuring prompt containment and recovery.
4. Learn how to carry out forensic investigations following security incidents.
5. Learn how to ensure all investigations and incidents are accurately logged and managed in our ITSM tool.
6. Participate in lessons learned meetings and make recommendations for improvements to controls or processes ensuring these are implemented where agreed.
7. Liaise with other IT Teams, business areas and 3rd Parties to aid in incident investigations and response.
8. Begin to develop an awareness of new and emerging threats and understand their relevance to the Next environment.
9. Help in creating and maintaining operational procedures and technical documentation.
10. Help to manage and maintain metrics and reporting to ensure the security threats and trends impacting our business are understood.
Criteria
Essential
1. Keen interest in Information Technology.
2. Good analytical and troubleshooting skills.
3. A keen interest in Information and Cyber Security.
4. A team player who is hardworking and self-motivated.
5. Excellent attention to detail.
6. Ability to remain calm under pressure and clearly communicate to all levels of management.