Security Analyst

  • Job Type: Permanent
  • Location: Cardiff, United Kingdom
  • Date Posted: June 10, 2021

Job Summary:

FPG Cyber is currently recruiting, on behalf of our prestigious client, a world-leading MDR provider and Gartner Magic Quadrant leader, for a Security Analyst. The role is semi-remote, working out of our client's offices in Cardiff, UK. Our client is an innovative cyber leader that is growing rapidly and is on a mission to eliminate the fear of impact from cyber threats and attacks. This is a fantastic opportunity to advance your career and grow, for someone who wants autonomy in their next role and the opportunity to have their ideas listened to and acted on.

The Role:

This Security Analyst will play an integral part in extending our customers' teams and delivering an outstanding customer experience, allowing our customers the freedom to conduct business safely.
They will report to the Operational Lead of the Security Operations team and will act as a Customer Champion, always working with the relentless ambition to resolve customer incidents and questions by demonstrating ownership, empathy, and a desire to broaden their knowledge and skills. They will be expected to demonstrate their understanding of our client's services by providing our customers with a route to resolution.

Primary Responsibilities:

  • Work closely with our customers' internal teams to provide detailed analysis and response for incidents
  • Act as a Security Expert and Ambassador in customer meetings, both physical and virtual, including client visits, SOC tours, review calls and customer orientations
  • Serve as security expert to customers and team members
  • Monitor global NIDS, firewall and log correlation tools for potential threats
  • Review and identify improvements to current knowledge base articles (KBAs), standard operating procedures (SOPs) and operational processes for the benefit of our customers and internal teams
  • Work with Security Operations Center colleagues and other technical teams to ensure that customer queries are addressed promptly and according to Standard Operating Procedures and Customer Management processes, always with the intent to provide world-class customer service
  • Manage incident, change and request cases submitted to the Security Operations team for resolution
  • Provide mentorship to Security Analysts and collaborative support to the wider Security Operations Center
  • Provide world-class customer experience and security outcomes to our customers
  • Demonstrate ownership of customer issues
  • Communicate directly with end customers and partners; set clear expectations of how often updates to a case will be received
  • Provide guidance and training to customers through pre-arranged virtual meetings
  • Follow defined escalation paths to ensure proper resolution of issues
  • Tune our proprietary security products to generate higher-fidelity observables and reduce benign or "noisy" events from customer environments
  • Investigate and advise our customers concerning risks and active vulnerabilities identified within monitored network environments
  • Escalate high-priority technical or security-related issues by communicating your analysis to our customers in a timely fashion and in accordance with customer specifications
  • Provide support to our customers by analysing and reviewing logs or functional events within our customers' network systems, and report any abnormalities to customer-designated security contacts
  • Provide customers with pre-published Knowledge Base Articles and incident remediation and prevention documentation, and assist in the development of new articles
  • Conduct deep-dive analysis and undertake threat hunting activities to support Content Management and Threat Intelligence activities
  • Own and develop undefined workflow items until mature processes are implemented, and assist with the documentation of such processes
  • Engage with, liaise with and support our customers to overcome and resolve service-impacting issues and challenges experienced with the use of our products and services
  • Have an intermediate understanding of our Products and Services, in addition to industry-recognised skills relating to information security, Linux, Windows and networking
  • Collaborate with peers to identify improvements to the customer experience and to maximise operational efficiencies
  • Escalate high-priority technical or security-related issues to the Technical Lead
  • Act as a representative of other Security Operations Center stakeholders in Product and Engineering reviews and product launches/enhancements
  • Effectively communicate information relating to customers and operational delivery between shift teams
  • Identify and drive improvement opportunities relating to customer experience and security value
  • Initiate escalation procedures to counteract potential threats/vulnerabilities
  • Assist in coordinating our response to Customer Reported Events
  • Analyse, escalate and respond to security events, observables and incidents detected by our proprietary security products
  • Carry out further analysis and investigation of security events to assist our Content team
  • Provide security expertise, directly or through appropriate tasking, for customers during incident response, including remediation and prevention documentation
  • Resolve requests and incidents in a timely manner, in accordance with customer-contracted Service Level Agreements

Required Skills and Experience:

  • Strong belief in ownership, from identification through resolution and validation of operational issues
  • A team player who is willing to participate in day-to-day activities
  • A detail-oriented working style
  • The ability and willingness to communicate
  • The willingness to share knowledge with team members, leadership and customers
  • Strong customer focus

Required Attributes (technical):

  • Ability to prioritise escalated cases/requests
  • Intermediate command of Linux systems administration and working with Bash
  • Intermediate understanding of networking, including TCP/IP
  • Intermediate experience with network monitoring and packet analysis tools
  • Intermediate understanding of cloud environments and infrastructure (AWS, Azure, Google Cloud, etc.)
  • Basic hands-on experience working with Windows infrastructure
  • Basic experience in one of Linux, Windows or database administration
  • Basic hands-on experience configuring Windows or Linux system logging
  • Intermediate understanding of Windows or Linux logging/auditing capabilities

Capability/Skill Review:

Capability and skill reviews will take place during one-on-one sessions, with formal performance reviews taking place in line with our appraisal schedule.
Assessment of ability will be carried out by the Operations Lead and Manager.

Working Methods:

The Security Analyst will work a scheduled shift pattern of 40 working hours per week; these shifts will be in accordance with the company Shift Policy. Their SOC operates under a "Follow the Sun" approach, and shift start times will therefore be set to ensure 24-hour coverage between the US and the UK. The Security Analyst will take daily tasking from the Operations Lead and, where appropriate, the Manager, and will be required to work collaboratively with other team members, both within the Security Operations Center and in other internal departments, to ensure that cases are acknowledged, prioritised and resolved within the agreed timescales.

Start date: immediate (notice period accepted for the right candidates). Please forward your CV to: Tom Layzell at FPG Cyber, +1 (202) 972 4320