Information Security Analyst - Oxford - £50-55k + Bonus + Bens
A Security Analyst is required by this global (FTSE 100) organisation who arguably have one of the largest threat landscapes. This is a perfect opportunity for a self-aware security analyst to join a small internal security team based in Oxford.
Like any global business, they need to constantly defend their systems. This role covers active investigation of incidents, some basic penetration testing, creation of security baselines and delivering security awareness.
You will work with a large user base in a multi-faceted organisation. So, you will need a thorough understanding of what an attack looks like and the ability to work with other teams to triage and remediate.
With a cloud led IT strategy and of course a wealth of traditional systems. You will be comfortable working across application, server and network technologies to actively defend our systems.
Finally, you understand how to break down a problem and naturally understand the difference between urgent and important. The role will be genuinely diverse, if you like to do something different each day but can still keep an eye on strategic cybersecurity goals and work toward them, then this job is for you.
This means, that sometimes you will need to be a strong team player, while other tasks will require you to be independent and self-managed.
What can you bring:
Previous experience on knowledge of Penetration testing, working within IT including security-specific experience and you must have experience in investigating security incidents and applying fixes. You will also have experience in rolling out security products or security baselines.
You are comfortable with Unix, Windows, DNS and other infrastructure. You understand how to manipulate VPNs. Ideally you have some experience of how to implement these in a Cloud environment or at least in a heavily virtualised environment.
Hands on application of security misuse cases to break into systems, bending the logic etc (not just running tools). This is the modern approach for penetration testing, it includes intelligence, reconnaissance and proof of exploitation.
The ability to work with developers (in house and third party developers) to explain the issues found in security testing and see that the fixes are applied
The ability to run security awareness training.
Holding a professional security qualification
For more information please contact Peter Sanders on 01908 886033