Senior Security Analyst

Job Description

Our client is currently undertaking significant development work to create a fresh, modern, new client reporting and investment platform, this is part of an extensive programme of IT developments driven by continued growth, and the intent to provide new services to clients. ​

Role Responsibilities:
– Supporting the security team to ensure that appropriate technologies and processes are in place to defend infrastructure from cyber threats;
– Security review of external facing web apps and systems
– Security review of internal web apps and systems
– Security review of 3rd party applications where sensitive data is to be stored
– Regular review of the security estate
– Document security testing, gaps and enhancements
– Provide support and necessary advice on secure development practices to defend against all currently exploited threats
– Code reviews of developments prior to release to production
– Provide advice and support on network level changes that could have an impact on security (Firewall, file permissions, changes to web servers etc.)
– Support 3rd party security testing and verify the implementation of suggested remediation’s
– Promote and support security awareness and responsibilities throughout the business
– Provide advice on secure configuration of web, application servers, internet facing systems and desktop protections
– Monitor and prioritise the remediation of security alerts/notifications (CVEs)
– Recommend, support and oversee, introduction of current security technologies and obsoleting of insecure technologies
– Provide security training presentations to staff in order to maximise the level of the human cyber defence
– Develop and support the team in implementing security policies, protocols and procedures
– Attend meetings with other managers to determine operational needs
– Review and create reports on incidents and breaches

Skills & Experience Required:
– Demonstrable experience in a cyber security role – The ideal candidate will have experience of working as an IT Cyber Security Analyst in the finance sector and will have a desire to grow their career further in this space.
– Experience in a development role or Infrastructure Role
– An understanding of the OWASP Top 10 and Mitre Top 25
– Some experience with security testing tools including HTTP intercept proxies
– A track record of identifying security issues and providing remediation advice
– Strong interpersonal and communication skills
– Some ability to understand how a business functions and to balance security needs with organisational goals
– Understanding of Cyber Essentials, NIST and ISO accreditations
– Problem-solving and analytical ability
– A collaborative work style
– Commitment to continuous development and continuing education, to stay on top of IT and cybersecurity trends