Senior Information Security Analyst
£40,280 - £48,336
HYBRID WORKING
We are an innovative and market leading software & services company based in Chorley serving clients in the utility sector ranging from new entrants to large existing suppliers. We deliver sophisticated software solutions and managed services in a Private Cloud infrastructure, servicing both traditional and modern real-time, smart energy clients.
The Senior Information Security Analyst role is to maintain the security of all data and systems in the ESG environment. The Senior Security Analyst must leverage an in-depth understanding of cyber security threats, technologies, be a technical security expert, and be able to champion security initiatives to resolve enterprise IT security issues.
RESPONSIBILITIES
* Monitor the external threat landscape and security trends to recommend improvements that enable the business to mitigate identified risks.
* Analyse security alerts to identify and respond to any security events or incidents.
* Lead investigation, reporting and remediation activities of security events and incidents.
* Act as an escalation point for Information Security Analysts.
* Conduct assessments on issues and vulnerabilities advising teams on appropriate courses of action.
* Assist in the development and ongoing maintenance of policies, procedures and documents required to maintain compliance.
* Provide additional support for the planning, development, testing and ongoing management the security program, including incident response exercise, risk assessments.
* Support vendor/supplier security reviews as required.
* Support vulnerability management and remediation.
* Facilitate Pen Testing and any remediation activities that need to occur.
* Monitor, configure and calibrate security monitoring tools.
* Will be included in the on-call support rotation (24 x 7 x 365).
* Ability to function in a fast-paced environment and effectively manage multiple tasks simultaneously.
ABOUT YOU
We need diverse people from all abilities, gender identities, ethnicities, ages, sexual orientations, life experiences and backgrounds to join us
You will be:-
* Able to demonstrate ESGs key values of
Excellence : be accountable to deliver our best
Passion : show how much we care each day
Integrity : do the right thing when no one is looking
Collaboration : work together to succeed together
Experience
* 5+ years of Information/Cyber Security.
* 5+ years of experience of Security Incident response.
* 3 – 5 years experience of cloud security.
* 3 – 5 years experience of network security.
* 3 – 5 years of security controls frameworks (i.e. ISO27001, NIST).
* 3 – 5 years of risk management frameworks (i.e. ISO27005, IS1, NIST).
* Technical expertise in one or more of the following: IDS/IPS, web proxy, SEIM, forensics, automation technologies, vulnerability scanning, configuration monitoring, and/or endpoint detection response.
* Experience mentoring and developing junior team members.
* Working to tight deadlines.
* Analytical thinking and attention to detail.
* Good communication skills, both written and verbal.
* Must be able to work independently and as part of a team communicating with all levels of staff.
Education
Education in areas such as the following is beneficial
* ISO27001 Lead Auditor / Implementor
* CISSP
* CCSP
* CompTIA Security+
COMPANY BENEFITS
* Life Assurance
* Health Cash Plan
* Enhanced Maternity Leave 13 weeks full pay 13 weeks half pay
* Enhanced Paternity Leave 4 weeks full pay
* Holiday buy scheme
* Employee Assistance Programme
* Discounted Leisure Memberships
* Cycle to work scheme
* EV & Hybrid Car Scheme
* Long Service Awards
* Private Medical Insurance
And many more!
For our full job specification please go onto our careers page under "Information Security" link below: Careers - ESG (esgglobal.com)