Due to a huge period of growth within BSI, we are excited to be looking for a Security Operations Analyst to join our Information Security Team at the start of a Global Security transformation programme.
As part of your role you will work alongside the Head of Security Operations as a key part of the technical security operations team, responding to incidents, looking for threats and managing security technologies.
You will also be tasked with supporting the implementation of global policies, strategies, processes, standards, procedures and controls for Information Security and being the contact for IT Security related incidents.
You will work closely with IT Operations to ensure critical business assets are adequately protected from cyber-related threats using appropriate technical controls.
You will be tasked with documenting processes and procedures pertaining to security operations and incident response.
Key Responsibilities & Accountabilities
Responds to security incidents in a timely manner.
Identifies threats to the confidentiality, integrity, and availability of information systems.
Conducts investigation, analysis, and review of security breaches, and manages the investigation and resolution of security incidents, in accordance with established procedures including incident management procedures.
Examines network, server, and application logs to determine trends and to identify and respond to security incidents.
Manages security solutions including troubleshooting and maintenance.
Contributes to the smooth running of vulnerability management throughout the organisation.
Skills/Experience Required
You will have recognised expertise in information security, the technology involved, current developments, the most commonly available products, and the application of information security within a technical environment.
Strong knowledge of common vulnerabilities and exploitation techniques
Familiarity with security testing techniques used to plan and execute software tests of all application components (functional and non-functional) to verify that the software satisfies specified security requirements and to detect security issues
Knowledge and understanding of infrastructure configurations. Examples include, but are not limited to, physical and virtual servers and cloud services.
Holds a relevant professional qualification, e.g. CISSP, GSEC, Security+, AZ-500, SC-200 or equivalent.