Information Security Analyst (Contract role)
Rate - £550 a day
Location - London (Hybrid)
Duration - 6 Months initially
IR35 - Outside
-
Security Operations:
-
Support the build and implementation of managed security services partnerships - 24/7 SOC service, external vulnerability scanning.
-
Support the development and exercising of incident response plans and runbooks.
-
Assurance on the set-up and config that is managed security monitoring platforms (incl. Tenable IO, Cisco Secure Endpoint).
-
Oversee the eradication of vulnerabilities identified in 2024 pen tests, including status reporting to Senior Management Team.
-
Develop tiered threat intelligence reporting for strategic and operational teams.
-
Security Compliance:
-
Support attainment of key enterprise information security standards (CE+, ISO 27001).
-
Support development and update of Information Security policies and processes.
-
Refresh cyber awareness and training programme.
-
Conduct security risk assessments on new systems.
-
Role requirements:
-
Minimum 3 years' experience in a cyber security operational role, in a complex IT organisation.
-
Good practical knowledge of security and vulnerability monitoring platforms, including Tenable IO, Cisco Secure Endpoint, Cisco Secure Network Analytics, Splunk, MS Defender.
-
Experience of developing and exercising cyber incident response plans.
-
Good practical knowledge of security technologies and wider business solutions including Firewalls, Identity and access management, SIEM, SOC Services?
-
Excellent awareness of current and emerging threats and countermeasures and the organisational challenges in addressing these.
-
Knowledge of information security standards and best practice. Experience of achieving key certifications, including practical experience of leading and delivering on ISO 27001 & Cyber Essentials (including any variants)
-
Experience of running highly effective cyber security awareness programmes, including the development of e-learning platforms, training sessions and workshops.
-
Experience of developing and maintaining information security policies, procedures and supporting guidance.
-
Qualifications: CC or equivalent (essential), CISSP or CISM (desirable)