Connecting...

Security Analyst - SIEM / IDPS / DLP / AV / HIPS

Job Title: Security Analyst - SIEM / IDPS / DLP / AV / HIPS
Contract Type: Contract
Location: London
Industry:
ICT
Salary: £350 - £400 per day
Start Date: ASAP
Reference: EW/C/17227
Contact Name: Ellie Walker
Contact Email: ellie.walker@gsatechsource.com
Job Published: April 29, 2021 12:08

Job Description

GSA Techsource are currently recruiting for a Security Analyst to work with a Global IT Service provider. This is a remote working position for an initial 3 months with high likely of an extension.

You will be responsible for delivering and supporting the enterprise security architecture and controls, ensuring the operational status of tools and systems used by the Security Operations and CSIRT.   Working as part of Security Engineering function and the wider Security Operations team, you will be expected to maintain security controls and policies, monitoring and reporting appliances health in addition to the analysis and improvement of security controls, policies, and rule base and providing reported evidence of improvements. Additionally, you will be helping with the monitoring of information security controls within the client by analysing alerts setting and detections, minimizing false positives and actively taking responsibility for all the Security Operations team controls and tooling.

To undertake the following accountabilities and Activities:
  • Aid in the operation of security standards and best practices and implement controls to help meet them. 
  • Develop use cases, playbooks, policies and developing custom tooling to improve our security maturity.
  • Recommend security enhancements and service improvement to help drive effective detection, containment, and eradication of security risks. 
  • Help to develop our strategies to respond to and recover from security incidents and breaches.  
  • Undertake testing of our security controls to make sure they are operating within the expected detection guidelines.  
  • Investigate and resolve complex and high-priority incidents.
  • Ensure IS policies and procedures are adhered to including security and technical standards. 
Analytics

Help develop security and operational tools, policies, and rule bases to monitor and analyse the security posture of the IT estate and identify anomalous activity and behaviours.  

Help to refine and develop dashboards and reports to continuously improve security situational awareness. 

Help in the production of reports and MI to present activity and outcome of operational security services improvements. 

Operate and improve upon existing policies and ruleset for tooling such as: - 
  • NAC 
  • Firewall
  • IDPS
  • SIEM
  • DLP
  • EDR
  • NBA
  • UBA
Endpoint detection
  • AV 
  • DLP 
  • HIPS 
  • HFW 
Incident management

Work with the broader CSIRT and Security Engineering team to prevent security incidents due to security device or service failures. 

Facilitate recovery, following the resolution of incidents to help drive and identify areas of improvement. 

Implement improved or develop new use case and playbooks, for use by the wider Security Engineering team.   

Information security  

Understand the requirement for and be able to assist in the creation of security risk, and vulnerability assessments as required. 

Explain the purpose of and provide advice and guidance on the application and operation of physical, procedural, and technical security controls.  

Use security tools and, where appropriate, develop simple scripts to assist with the ongoing detection and testing of security controls. 

Provide advice and guidance to other teams within the business on good practice and maintain relevant and current industry knowledge.   


Security administration 

Maintain security administration processes and checks that all requests for support are dealt with according to agreed procedures.  

Operate or support the operation of tools that contribute to effective security posture. 

Assistance with the onboarding of any enhancements to the security tools, including deployment and on-going management and maintenance. 


This role is inside IR35.




GSA Techsource Ltd operates as an Employment Agency when recruiting for permanent vacancies, and an Employment Business when recruiting for contract vacancies. All contract rates quoted are to Ltd companies.