Cyber Security Analyst

  • Permanent
  • £55,000 - £60,000 (GBP)
  • London, England, United Kingdom
    and remote
  • 01/03/2021

This role is an exciting opportunity to join us and work within our Cyber Fusion Centre (CFC). As we continue to evolve our business models to keep them efficient and effective in the face of increased IT and digital threats, the CFC is a future-proofed Intelligence Hub. It is responsible not just for the traditional “detection” of and “response” to security incidents: it will monitor, react and detect in a way that informs decision making at every level of the business.

Description

What you'll do:

Perform initial triage and escalation for phishing incidents raised via the Phishing mailbox, and manage Spark tickets raised to the UK CFC L3 team.

  • Perform initial triage and resolve security incidents (escalated via Spark tool) where possible using available Playbook(s) to determine 'False-Positive' events and collate available information.
  • Monitor phishing emails via the Phishing mailbox and raise SOAR tickets if required.
  • Escalate unresolved, potential security incidents to the Senior Security Analyst for further investigation.
  • Be first responders for queries coming in from all inputs into the CFC.
  • Provide consultation on security matters to teams in and out of the CFC.
  • Assist in pulling reporting statistics from platforms.

 

Knowledge Level:

  • Analysing and investigating security incidents and phishing alerts as first responders.
  • Ensure timely, accurate and tailored remediation and countermeasure communications to internal users and teams regarding intrusions and compromises to on-boarded host and network infrastructure, applications and operating systems.
  • Keep up to date with the latest security, vulnerability and technology developments.
  • Assist with the creation and maintenance of security incident response documentation.
  • Monitor and analyse advanced threat events, Security Incident and Event Management (SIEM), User Behaviour and Analytics (UBA) and Endpoint Detection and Response (EDR) toolsets and event logs to identify indicators of compromise, attacks and threats for remediation and/or suppression.
  • Responsible for Computer Security Incident Response activities; work with various lines of security analysts (internal and external) to identify various malicious threats in the Sky Group enterprise environment.

 

What you'll bring:

  • 2+ years' experience in security operations, security analytics or security engineering roles.
  • 2+ years' experience in investigative or incident response environments.
  • Excellent knowledge of Computer Networking and IT Security.
  • Excellent knowledge of common operating systems (e.g., Windows, Linux and Unix).
  • Keep up to date with the latest security, vulnerability and technology developments.
  • Good level of understanding of and experience with programming or scripting languages (C/C++, Java, Python, Go, etc.).
  • Good oral and written communication in English.
  • Excellent knowledge of different threat scenarios and their incident response and remediation techniques.

 

Team Overview:

Strategy & Security: We play an important role in creating a cohesive tech strategy across all of our teams – uniting our tech teams to work towards clear and common goals. Behind the scenes, we’re protecting our business and our customers from cyber threats. 

Your Skills 

Training and Certification:

  • Splunk Fundamentals 1.
  • Sky Network Fundamental Training 1.
  • CrowdStrike Falcon 100 Series.
  • RangeForce SOC Analyst I Training.
  • CrowdStrike Certified Falcon Responder (CCFR).
  • CISM or CISSP (Desired).

 

Behavioural Skills

  • Decision making and risk management
  • Customer orientation, teamwork and leadership
  • Problem solving and process excellence
  • Results orientation and execution excellence
  • Professional development: keep up to date with information security news, techniques and trends.

Skills

Environments
IT Security
Microsoft Windows
IT Infrastructure Products
Linux
Splunk
Unix
IT Security Expertise
Firewalls
IT Security Software & Tools
CrowdStrike
Programming Languages & Frameworks
C
C++
Django (Python)
Java

Industry Experience

Telecommunications - Service Provider, ISP, Mobile
Media & Broadcasting - TV, Music, Movies, Radio, Entertainment