Information Security Analyst

Key Roles and Responsibilities:

Monitors security alerts and events from various sources, investigates potential threats, and escalates incidents as necessary.

Assists in the implementation and monitoring of security controls, including firewalls, intrusion detection systems, and access controls.

Performs regular vulnerability assessments, analyses scan results, and assists in prioritising and remediating identified vulnerabilities.

Supports the incident response team in investigating security incidents, documenting findings, and participating in remediation efforts.

Assists in ensuring compliance with industry standards (e.g., GDPR, ISO 27001) by conducting assessments and implementing necessary controls.

Installs security measures and operates software to protect systems and information infrastructure, including firewalls and data encryption programmes

Documents security breaches and assess the damage they cause

Works with the security team to perform tests and uncover network vulnerabilities

Fixes detected vulnerabilities to maintain a high-security standard

Develops organisational best practices for IT security

Performs penetration testing

Upgrades systems to unable security software

Installs and upgrades antivirus software

Tests and evaluates new technology

Assists with the installation of security software and understands information security management

Researches security enhancements and makes recommendations to management

Stays abreast of information technology trends and security standards

Contributes to security awareness initiatives by creating training materials, conducting workshops, and educating employees about best security practices.

Maintains accurate records of security incidents, assessments, and actions taken for reporting and audit purposes.

Assists in the management and maintenance of security tools, including antivirus software, encryption tools, and security information and event management (SIEM) systems.

Participates in risk assessments to identify potential security threats, vulnerabilities, and associated risks to the organisation.

Collaborates with cross-functional teams, IT, and other teams to ensure security measures are integrated into the organisation's processes and projects.

Knowledge, Skills and Attributes:

Seasoned, experienced professional; has complete knowledge and understanding of area of specialisation

Uses evaluation, judgment, and interpretation to select right course of action

Excellent communication skills to effectively convey technical information to non-technical stakeholders

Excellent analytical thinking and problem-solving skills to prevent hacking on a network

Strong leadership skills to identify and evaluate potential risks and to develop solutions

Ability to identify and mitigate network vulnerabilities and explain how to avoid them

Proficiency in understanding of firewalls, proxies, SIEM, antivirus, and IDPS concepts

Proficiency in understanding of patch management with the ability to deploy patches in a timely manner whilst understanding business impact

Proficiency with MAC and OS

Familiarity with security frameworks, standards, and regulations (e.g., NIST, CIS, GDPR)

Proficiency of understanding in network and system architecture, protocols, and security controls

Strong analytical skills to analyse security incidents and assess potential risks

Ability to work both independently and collaboratively in a fast-paced environment

Academic Qualifications and Certifications:

Bachelor's degree or equivalent in information security, cybersecurity, computer science, or related

Security certifications such as CompTIA Security+, Certified Information Systems Security Professional (CISSP), or Certified Information Security Manager (CISM) are advantageous

Required Experience:

Seasoned demonstrated experience in information security or cybersecurity, or related roles

Seasoned demonstrated experience working in a global IT organisation

Seasoned demonstrated experience with computer network penetration testing and techniques

Seasoned demonstrated experience with security assessment and vulnerability scanning tools