Information Security Analyst

Information Security Analyst (Contract role)

Rate - £550 a day

Location - London (Hybrid)

Duration - 6 Months initially

IR35 - Outside

• Security Operations:
  • Support the build and implementation of managed security services partnerships - 24/7 SOC service, external vulnerability scanning.
  • Support the development and exercising of incident response plans and runbooks.
  • Assurance on the set-up and config that is managed security monitoring platforms (incl. Tenable IO, Cisco Secure Endpoint).
  • Oversee the eradication of vulnerabilities identified in 2024 pen tests, including status reporting to Senior Management Team.
  • Develop tiered threat intelligence reporting for strategic and operational teams.
• Security Compliance:
  • Support attainment of key enterprise information security standards (CE+, ISO 27001).
  • Support development and update of Information Security policies and processes.
  • Refresh cyber awareness and training programme.
  • Conduct security risk assessments on new systems.

• Role requirements:
  • Minimum 3 years' experience in a cyber security operational role, in a complex IT organisation.
  • Good practical knowledge of security and vulnerability monitoring platforms, including Tenable IO, Cisco Secure Endpoint, Cisco Secure Network Analytics, Splunk, MS Defender.
  • Experience of developing and exercising cyber incident response plans.
  • Good practical knowledge of security technologies and wider business solutions including Firewalls, Identity and access management, SIEM, SOC Services?
  • Excellent awareness of current and emerging threats and countermeasures and the organisational challenges in addressing these.
  • Knowledge of information security standards and best practice. Experience of achieving key certifications, including practical experience of leading and delivering on ISO 27001 & Cyber Essentials (including any variants)
  • Experience of running highly effective cyber security awareness programmes, including the development of e-learning platforms, training sessions and workshops.
  • Experience of developing and maintaining information security policies, procedures and supporting guidance.

• Qualifications: CC or equivalent (essential), CISSP or CISM (desirable)