Cyber and Information Security Analyst

The Vacancy

The Role

This is a new role within the Information Security team reporting into the SOC Manager. A main purpose of the Cyber and Information Security Analyst is to support the protection of our organisations IT infrastructure, networks, and data from cyber threats. Within this role, you will assess security risks, implement proactive measures, monitor systems for security breaches and respond to cyber incidents.

Key Priorities

Security Monitoring & Incident Response

1. Monitor our security tools for any potential security threats (CTI).
2. Respond and investigate incidents escalated by the SOC.
3. Collaborate with IT teams to remediate vulnerabilities and incidents.

Risk Assessment & Compliance

1. Conduct regular security assessments to ensure security controls are enforced and working as expected.
2. Ensure compliance with industry best standards and regulations e.g., ISO 27001, GDPR.
3. Assist in security audits and compliance reporting.

Security Architecture and Implementation

1. Provide assistance in reviewing and implementing security solutions such as firewalls, endpoint protection, and identity and access management.
2. Assist in identifying and implementing secure configurations for network and systems (security hardening).
3. Assist in developing secure software and cloud security best practices.

Policy Development and Awareness

1. Develop and update cyber and information security policies, standards, procedures, and best practices.
2. Conduct and create security awareness training or articles for employees.
3. Promote a strong cybersecurity culture within the organisation.

Knowledge, skills and experience

1. Experience using a range of security technologies including firewalls, web proxies, secure email gateways and DLP solutions.
2. Strong communications skills to effectively collaborate with cross-functional teams and communicate complex issues to non-technical stakeholders.
3. Experience of one of more EDR solutions such as Microsoft Defender or SentinelOne (desirable)
4. A good understanding of attacker tactics, techniques and procedures including experience of the Mitre ATT&CK framework.
5. Experience of Vulnerability Management and Vulnerability scanning tools such as Tenable, Rapid7 or Qualys.
6. Experience of one or more SIEM solutions, including Azure Sentinel.

Desirable

1. Cybersecurity relevant certification from CompTia, SANS, GIAC or ISC2.
2. Microsoft Certified Security Operations Analyst Associate or similar qualification.

Working at the FSCS

At FSCS we are purpose driven and committed to delivering an exceptional service and results for our customers.

We have invested greatly in a flexible people offering that we're proud of, that our employees love and that supports and promotes diversity, inclusion, and overall wellbeing. Key benefits include:

1. Employer pension contributions from 9%+ dependant on your contributions and length of service
2. Life assurance, income and critical illness protection
3. Private medical and dental insurance
4. EAP and Virtual GP
5. 26 days annual leave + bank holidays and the option to sell 5 or buy up to 9 additional days per annum to suit your lifestyle
6. Enhanced Maternity, Paternity and Adoption leave - 6 months full pay
7. Additional discounts and options to earn rewards to spend at your choice of retailer

To Apply

Use the Apply Now button to apply with your CV.

We are happy to consider any reasonable adjustments that candidates may need during the recruitment process, and you will be asked whether you require any during your application. If there are additional options you'd like to request, please contact recruitment@fscs.org.uk. We also offer reasonable adjustments on the job.