We are looking for a Cybersecurity Analyst to join a leading client in the financial services industry. The primary purpose is to support teams across the bank by ensuring that infrastructure is configured securely. This role will support the design, development and delivery of security frameworks, and associated processes, with responsibility for day-to-day operations. We can consider this role on a contract or permanent basis; for contract, it is inside IR35.
- Responsible for the design of technical monitoring controls to detect sophisticated cyber attacks and advanced adversarial techniques
- Execute the end-to-end Threat Modelling Service for I&IR.
- Input to the cyber threat management strategy by recommending remediation actions for longer term risk reduction.
- Employ threat intelligence analysis to anticipate, identify and prioritise threats.
- Drive and execute a programme of deliverables to define robust logging and monitoring controls to detect threat activity in a timely manner.
- Develop SLAs to assure the highest levels of performance, ensuring agility to adapt to the changing threat landscape and technologies.
- Shape, build and implement related processes and procedures for effective threat modelling capability.
- Provide consultancy on the mapping of threats, controls and procedures against audit points and facilitate timely completion of agreed corrective actions.
- Plan and maintain own routine tasks to fit anticipated support requirements (and others where appropriate), with overall priorities assigned by the Senior Manager.
- Coach and support team members in personal development.
- Support the Senior Manager in colleague development across the team.
- Manage and influence a diverse group of cross-divisional stakeholders as required to deliver the Threat Modelling service.
- Engage with and provide consultation at Head of Function level.
- Act as an SME on threat intelligence sources, emerging and existing threats.
- Support the culture of continuous improvement through generating and developing new or improved ways of working.
- Experience designing security controls (with particular focus on detection of threat)
- Experience correlating numerous types of information in order to build an understanding of a given threat
- Experience in writing detection or alerting rules
- Experience in log analysis
- Experience with SIEM tools (preferably Splunk)
- Ability to draw on a range of analytical methods
- Ability to deal with incomplete information describing ambiguous situations
- Ability to apply a high level of intuition, curiosity and imagination in order to join the dots and make a judgement
- Detailed knowledge of threat detection techniques and tools
- Detailed knowledge of infrastructures and architectures, e.g. perimeter, network, endpoint.
- Knowledge of MITRE ATT&CK.
- Knowledge of cyber threat intelligence
- Knowledge of User Behaviour Analytics
- Desirable: knowledge of threat modelling methodologies such as the Diamond Model, PASTA, STRIDE, etc.