In a Nutshell
Reporting to the Cyber Security Manager, you will be responsible for the monitoring of all security scanning tools and systems, ensuring an appropriate and timely response to any events or alerts. You will maintain a view of prevailing threats and ensure appropriate observability and attention to mitigate any associated risks until they are remedied. You will form the first step of Incident Response, ensuring appropriate triage and response to security events and their onward escalation and overall response. You will maintain a series of Incident Response Playbooks to ensure the organisation has the necessary process to deal with the most likely or impacting security scenarios.
- Analysis of host-based and network security logs.
- Administration, monitoring and troubleshooting of antivirus activities and email gateway issues.
- Assist with security related software and firmware, (e.g., endpoint, vulnerability scanners, firewalls, IPS, DNS, proxy) to maintain security and continuity of service.
- Assist with security related issues relating to infrastructure.
- Participate in security incident response, providing in-depth technical analysis.
- Ensure security incidents are identified in a timely manner by performing security alert detection and analysis across multiple technologies.
- Support communication of potential security related incidents. Ensuring appropriate stakeholders are informed of relevant updates at regular intervals.
- Tracking and maintaining of security metrics to enable upper-level management reporting.
- Produce reports for management concerning vulnerabilities and other security exposures, including misuse of information assets and noncompliance.
- Participate and contribute to security forums, providing an appropriate level of technical analysis.
- Actively participates in security threat monitoring, attack methods, incident response and provide in-depth technical analysis
- Review existing and new CVE entries against infrastructure, providing insight and remediation strategies.
- Utilise security knowledge to assess security requirements and controls for system acquisition projects. Ensure that appropriate controls are implemented as planned.
- Work alongside the Cyber Security Manager to evaluate a wide range of threat intelligence sources and develop strategic and tactical response plans accordingly.
- Accuracy and attention to detail is key
- A problem solver who can facilitate timely decisions
- Experience in managing and delivering projects, prioritising to ensure alignment with delivery timelines
- Values the importance of teamwork
- Proven ability to engage with and develop strong relationship with customers and stakeholders
- Experience of working in an agile environment and from within the Energy/Utilities would be advantageous but not essential
- Background in security or willingness to learn new skills.