Cyber Security Analyst

ROLE OVERVIEW //

We are recruiting for an experienced Cyber Security Analyst to join the Technology Department.

The IT Infrastructure Team is part of the Technology Department and the wider Business Services function based at the firm’s head office in London. Its purpose is to maintain the Security posture for the firm’s global offices.

The Cyber Security Analyst is responsible for security operations including threat monitoring and incident prevention/response, as well as supporting the implementation of new cyber security technologies and best practises. The Cyber Security Analyst is part of the IT Infrastructure Technical Operations team and reports to the IT Infrastructure Operations Manager.

KEY RESPONSIBILITIES //

The key responsibilities of this role are set out below and there may be others which are not listed. The Cyber Security Analyst may require some working outside our normal working hours of Monday to Friday 08:00 – 18:30 (Shift Rota).

• Respond to information security incidents working closely with the firms Managed Service Security Provider (MSSP)
• Respond to Vulnerability notifications from Vendors.
• Deliver small security projects and maintain and continuously optimise Sentinel.
• Handle cyber security queries from our IT Service desk and other Global Support teams.
• Review all Change Requests for cybersecurity impact prior to the Change Advisory Board (CAB)
• Document/review/maintain incident response playbooks.
• Assign and revoke admin rights, transactionally and also regular reviews.
• Perform Privileged Access Reviews
• Produce end of month security reporting (vulnerability position, hardening position, incidents handled)
• Maintain technical security policies.
• Review all High-Level Design documents for cybersecurity impact, prior to the Architectural Review Board (ARB)
• Monitor the threat landscape internally and externally and respond where necessary.

BAU Responsibilities //

• Daily System Monitoring the security tools, key processes and vulnerability management platforms.
• Assist with risk assessments and internal/external audits.
• Perform regular security monitoring.
• Review and resolve security tickets within the ITSM tool.
• Identify cyber security issues.
• Assisting the IT Team to ensure that the various IT platforms are secure and hardened, include reviewing planned changes for security impacts.
• Work closely with the firms MSSP to address security concerns.
• The Cyber Security Analyst is a member of the IT Infrastructure team. This role has a focus on support and delivery of the firm's network and network security. They are responsible for making sure that these systems run smoothly, perform within agreed targets, and provide a secure platform for the firm's business operations.

Required Technical Skills //

Essential:

• In-depth understanding of Cisco network access control using Cisco ISE
• Next generation firewalls including with IPS and sandboxing technologies – Check Point, ZScaler.
• In-depth understanding of security information and event management (SIEM) products, such as Microsoft Sentinel
• Extensive knowledge of intrusion detection systems (IDS) and intrusion prevention systems (IPS)
• Good understanding of cyber security frameworks such as National Institute of Standards and Technology (NIST)
• Excellent IT skills, including knowledge of computer networks, operating systems, software, hardware and security
• In-depth knowledge of core Microsoft security principles across Azure, M365 suite and Entra ID
• In-depth knowledge of the Microsoft Defender suite such as XDR and TVM

Desirable:

• Experience of working within an Infrastructure Operations Team
• Good understanding of Microsoft Server architecture
• Understanding of networking concepts such as LAN \ WAN Architecture
• Experience of scripting languages such as PowerShell

Current Technical Environment:

• Microsoft Windows 10 workstations using Microsoft Office, iManage DMS and legal applications.
• Large Microsoft Windows Server base and managed environment utilising VMWare technology.
• Microsoft Cloud Services – Azure, Intune, Office 365, Teams
• Cisco based networking, Checkpoint Firewalls
• HPE hardware, SolarWinds and Microsoft Endpoint (Intune) management systems.
• Citrix Virtual Apps and Desktops and Netmotion remote access.
• SolarWinds, Tenable Security Centre and Microsoft Defender.
• Advanced Cyber security systems and tools. Microsoft ATP Defender
• ISO27001 and ISO22301 accreditations and Cyber Essentials Plus certification.

The role must uphold the mission statement for the department:

• Strive for Continual Service Improvement
• Maintain the firm’s security and cyber accreditations.
• High availability of all core IT Systems.
• Endeavour to ensure a proactive service approach to all functions and procedures.
• The use of best practice ITIL processes throughout.
• Provide and maintain a high level of IT performance at all times.
• A risk based approach to all processes.
• User first in all decisions and designs.
• Full business continuity of core systems.
• Maintaining a culture of providing exceptional levels of customer service at all time.

CANDIDATE PROFILE //

• Experienced in Information Technology Infrastructure Library (ITIL) processes, procedures, and roles.
• Microsoft Accreditations, SC-300, SC-200
• A good understanding of the Microsoft Technologies (Microsoft Exchange, AD, M365, Windows Server).
• Security Accreditations, CISMP, CompTIA CySA+
• Have a proactive mind-set.
• Be flexible to take part in on-call rota and to cover shifts as and when required to do so.