Cyber Security Analyst

Time Type:
Full time

Working Pattern:
Hybrid

Purpose of the Role
AEGIS London are currently seeking an experienced Cyber Security Analyst to join our team to run the day-to-day cyber security operations as part of our cyber security program. Their role is to work with the Cyber Security Manager to protect AEGIS London's information systems, networks, and data from potential cybersecurity threats and attacks. The ideal candidate will have a deep understanding of cyber security on Cloud, specialising in Microsoft Azure in particular but also AWS and other services, along with proven experience in running and implementing cloud security.

Duties and Accountabilities

• Working with our third parties to ensure that we are continually monitoring the organisations networks, systems and applications for security breaches, intrusions, and other suspicious activity.
• Work in close conjunction with our third party SOC to ensure that the right security logs are being monitored and that we have full visibility across our environments.
• Investigate security alerts and incidents raised by third parties and work in close cooperation with the IT team to contain and remediate these, along with supporting the Cyber Security Manager through to incident closure.
• Work with our third parties to ensure that all systems and applications are managed from a vulnerability management perspective and that penetration testing is undertaken on all systems and applications.
• Own the outputs from vulnerability management and penetration testing to resolution in conjunction with system owners and escalate any areas of non-compliance to the Cyber Security Manager.
• Work with third parties to ensure that secure coding requirements in line with the cyber security framework are being adhered to.
• Support the Cyber Security Manager regarding any cyber security incidents that may occur and ensure that lessons are learned and fed back into the security framework.
• Act as the first point of contact for the IT team and business in regards to cyber security incidents.
• Assist in the development, implementation, and enforcement of information security policies, standards, and guidelines, ensuring compliance with relevant regulations and industry standards (e.g., ISO 27001, GDPR, NIST CSF, etc).
• Conduct risk assessments to evaluate the security posture of information systems and processes and help identify, assess, document potential risks, and propose mitigation strategies.
• Work with third parties to ensure that the right security tools are in place, with oversight to ensure that they are working in line with the cyber security framework.
• Produce and generate security posture reports, vulnerability reports, and incident reports for the Cyber Security Manager to communicate to the relevant stakeholders.
• Assist in the preparation of audit reports and evidence for internal and external audits.
• Communicate security risks, issues, and strategies to non-technical stakeholders in a clear and understandable manner.
• Work with third parties to ensure that AEGIS London is monitoring for relevant cyber security threats and that AEGIS London is proactively protected against these threats and risks.

Skills, Knowledge and Experience

• Familiarity with industry standards and frameworks such as NIST, ISO 27001, and CIS Controls.
• Demonstrable working experience with a primary focus on Information Security.
• Certifications in CISA, SSCP, CompTIA Sec+ or similar.
• Proven experience as a Security Analyst or similar role, with hands-on experience in monitoring, incident response, and vulnerability management.
• Proficiency in using and configuring security tools such as SIEM, IDS/IPS, firewalls, antivirus software, and vulnerability scanners.
• A good in-depth knowledge of the Microsoft Azure stack, understanding the various security components that can be used within Microsoft environments.
• Good understanding of ITIL processes and experience of working with IT teams to ensure that ITIL good practice is followed.
• A good level of technical understanding and skills; able to walk through networks and systems to identify risks and understand the risk impact to the business, particularly focused on cloud environments and SaaS products.
• Ability to work effectively with cross-functional teams, including IT, development, and operations.

AEGIS Values

Fairness and respect
We make decisions considering the best interests of key stakeholders. We are direct and straightforward in our actions, working collaboratively to create a culture of fairness and respect.

Open and inclusive
We act with integrity, valuing diversity of thought and background. We take time to listen to the needs of our customers, stakeholders, and colleagues working together to seek and share information.

Ambitious
We have a passion for success, aspiring to be recognised as best in class. We embrace new opportunities, encouraging innovation in pursuit of our goals.

Striving to be better
We strive to improve at all times, challenging complacency, being agile and adapting to change. We always seek to improve our customers' experience with us.

Investing in people's potential
We provide an environment where each employee can reach their personal potential. We encourage personal accountability for performance and individual ownership for growth and success.

AEGIS London is an equal opportunities employer and recognises the value of a diverse workforce in facilitating better decision making and business growth. We encourage a variety of differing views, perspectives, and insights to create a collaborative working environment. Diversity and Inclusion are fundamental to our business and we encourage applications from all backgrounds recognising the diversity of society and our customers.