Principal Security Analyst

• 6 Month contract
• £770 – 850 per day Inside IR35
• Hybrid working – Somerset base
• Candidate needs active SC clearance, used within the last 12 months.

Security Analyst

Our public sector client is looking for a Security Analyst to join them and take responsibility for leading and managing the technical controls required to ensure the organisations technology estate is protected against risk from cyber-attack. You will also lead the response procedures and investigations of security events or incidents, remediating those incidents, identify potential process improvements, and maintain organisational readiness.

As the Security Analyst, you will be required to provide expertise and mitigates cyber-related risks through specialist technical knowledge, skills and experience. To ensure operational preparedness to prevent and respond to security incidents analysing security event data arising from activity across the organisation, tune and improve rules generating security alerts, and follow up by investigating indicators of potentially malicious activity, escalating incidents or initiating responses.

Key Objectives:

• Working with the Head of Information Security to help define the IT security strategic roadmap.
• Lead monitoring, triaging, and investigation of security alerts on protective monitoring platforms to identify security incidents. Review high-priority or high-complexity analysis of security event data to manage security incident response, making key decisions on reporting or escalations for monitoring
• Guide and direct specialist activities of others, actively promoting development in the applicable skills, providing leadership to other IT security practitioners, and sharing best practice.
• Lead the triage of vulnerabilities, ensuring mitigation measures are implemented, and oversee the life cycle of vulnerability management for a set of assets, providing tailored specialist or complex advice on ways to improve control mechanisms and mitigate risks
• Oversee the planning, testing, and response to security and emergency incidents or concerns, and providing informed recommendations on Technical Security issues to internal and external stakeholders.
• Lead multi-team assessment of IT and Cyber resilience throughout an IT estate, reviewing regular security reports, holding accountability and responsibility for IT security operations
• Define the organisational digital forensics strategy and approach to evidence capture in line with legal guidelines, to minimise disruption to the business and preserve evidentiary integrity, using specialist equipment as appropriate

Essential Skills:

• Extensive experience in IT Security Operations and security monitoring including security of cloud-based platforms (Azure/ Microsoft 365/ Amazon AWS)
• Expert knowledge in Vulnerability Management across large and complex technology estates.
• Experience in digital forensics
• Proven relevant work experience focused on the design and implementation of SIEM (Security Information and Event Management) and network analysis tools, techniques and procedures to detect malicious activity,
• Good Awareness of the principles, methods, techniques and tools for the effective management of Information security in complex business environments

Desirable Skills:

• Experience of IT Security Architecture
• Sound working knowledge of Data Protection regulations.

Next Steps

If you have the relevant experience, and active SC Clearance, please apply below with your up to date CV and I will endeavor to get back to you.