Banner Default Image
Back to job search

Senior Security Analyst

  • Location:

    City of London

  • Sector:

    Information Security

  • Job type:

    Permanent

  • Job functions:

    Security Analyst, Cyber Security Analyst

  • Salary:

    £85000 - £86000 per annum

  • Contact:

    Faun Lara

  • Contact email:

    faun.lara@lafosse.com

  • Job ref:

    FL2_1659461322

  • Published:

    9 days ago

  • Expiry date:

    2022-09-13

  • Startdate:

    ASAP

JOB DESCRIPTION

Job Title: Senior Security Analyst

Department: InfoSec

Basic Salary: £85,000

.

PURPOSE AND SUMMARY

As a Senior Security Analyst, you will be working in the InfoSec Exposure Management (which also includes Vulnerability Management) team, and will be responsible for:

  • Managing exposure & vulnerability tooling,

  • Bug bounty program, as well as working with various technology teams on remediation guidance and plans.

The role is critical to minimising the risk of business disruption, reputational damage, and customer impact.

ESSENTIAL DUTIES AND RESPONSIBILITIES

  • Continuously discover our exposure and related risk using industry-leading solutions

  • Evaluate technical vulnerability risk based on intelligence-based prioritization criteria

  • Coordinate and communicate with cross-functional teams

  • Facilitate strategic and operational level reports

  • Facilitate exception handling and escalation through risk review and acceptance process

  • Review and optimize tools to ensure complete coverage of the environment

  • Support treatment and remediation activities with identified system owners

  • Managing security technical risk vulnerabilities across Classic Infrastructure or Cloud (AWS), Operating Systems, Web Applications, APIs, etc

SKILLS & EXPERIENCES ASSESSMENT

As an experienced Senior Security Analyst, you will have:

  • Expertise around Exposure & Vulnerability Management for Classic environments and XaaS platforms.

  • Experience with Web Application Security frameworks, a common vulnerability, es, and associated remediations, Framework, and methodologies such as CVSS, CIS Benchmarking, OWASP, MITRE

  • Ability to conduct root cause analysis for vulnerabilities and determine feasible technical solutions

  • Knowledge of secure software development methodologies (DevSecOps, Secure Architecture)

    • Ability to work with large datasets and analyse the potential impact on Instinet security posture by using the following information: latest zero-days, current exploit techniques, vulnerability disclosures, data breach incidents, and security analysis techniques, combined with the Industry relevant certifications are desired but not essential

JOB KNOWLEDGE, QUALIFICATIONS, AND EDUCATION

  • Attach Surface Management tools

  • Vulnerability Management tools

  • Hands-on with BurpSuite, Metasploit, Nmap

  • Working knowledge/experience with REST APIs

  • Able to write small tools/scripts

* Experience with data aggregation, visualization, and analytics tools