Connecting to LinkedIn...

Risk and Threat Analyst

Job Title: Risk and Threat Analyst
Contract Type: Contract
Location: Hampshire, United Kingdom
REF: 1523
Contact Name: Mark Gale
Job Published: about 2 months ago

Job Description

Risk and Threat Analyst – Hampshire – SC cleared

Based within this leading organisation you’ll be undertaking Security Risk and Threat Analysis of large IT systems and will possess a practical background and experience in Networks and Software System Security.


Primary responsibilities:

  • Technical Assessment of Vulnerabilities, Incidents and their impacts (networks, application, system, operational).
  • Technical Assessment of the Risk Exposure arising from a Threat Catalogue.
  • Identification of mitigations, moderating risk exposure.
  • Generation of Risk Reports.
  • Liaising with our Customer in support of corroborating status and review of the Risk Analysis.
  • Working closely with the Security Manager.
  • Some overseas travel may be required.


Secondary responsibilities (supporting additional team):

  • Review of expert findings identifying mitigating and remediating solutions.
  • Liaising with internal teams, suppliers and customers in the generation of revised Requirements Specifications.
  • Establishing and review of Test Procedures for use in verifying compliance for mitigation and remediation of known and applicable vulnerabilities.
  • Managing the execution and witnessing of security verification activities, including direct hands on execution.
  • Tracking conclusion of mitigation and remediation activities, reporting on vulnerability status folding back into the revision of Risk Exposure assessment and generation of Risk Reports.
  • Supporting Accreditation Datapack generation.
  • OS Lockdown definition, implementation and validation.


You need to demonstrate extensive experience and be able to operate on both solo activities and also within multi-disciplined teams from engineering and security management.


Essential skills:  

  • Report Writing and Technical Presentation
  • Security Risk and Threat Analysis
  • DOORs Requirements Management; MS Office
  • Understanding Network Security: ACLs, Firewall Rules, DMZs
  • Linux and Windows operating Systems, specifically Security enforcing mechanisms.


Desirable skills:

  • An understanding of Network attack Methodologies.
  • An understanding of Vulnerability and Incident management (analysis, assessment, mitigation).
  • Virtualisation technologies.
  • Experience of nmap / Nessus and related Security Toolkits e.g .Kali Linux
  • Compliance/Audit experience.
  • Experience of using formal configuration management systems.
  • CISSP or related certification
  • OS Lockdown principles


6 month initial contract, SC clearance is required.