Reporting to the Threat and Vulnerability Management (TVM) Team Lead as a Senior Cyber Security Analyst, you will be part of a global team of Information Security specialists, where you will help define the technology, policies and practices used to protect the organisation and its clients.
You are highly motivated with strong technical acumen in security operations working in collaboration with a team of IT operations specialists, including DBA, System and Network administrators, and Solution Owners in identifying and quickly remediating any security related incidents, vulnerabilities or other concerns that may impact the business.
You must be able to work in a fast paced, agile environment with short timelines for deliverables. Whilst it is recognised not all security measures are impenetrable, you will be measured on your ability to quickly identify, respond to and contain security threats.
*This position is open in Madrid or Málaga; you should be based in one of those locations or willing to relocate and work in a Hybrid model.
ResponsibilitiesKey responsibilities include, but are not limited to:
Operate and monitoring Vulnerability Detection, Management and Reporting platforms covering Internal & External Infrastructure, Web Application, Mobile Application, Cloud environments and as part of the CI/CD PipelineConducted technical validation of findings and remediation implementationsMaintain situational awareness of hardware and software running within the enterprise and any associated vulnerabilities and/or exploits targeting them.Evaluate and utilise intelligence regarding new threats and vulnerabilities to ensure protective monitoring is capable of detecting potential new attacks (e.g. through custom network (IDS), host-based (EDR) or SIEM rules)Advise on secure operating system and network device configuration standardsAssess the organisation's exposure toAexisting and new vulnerabilities and develop detection / mitigation strategy whilst contributing to the organisational risk processCreate reports on cyber-security vulnerabilities, organisational posture, and other indicators of cyber-security issues read by both a technical and non-technical audienceWork with platform and organisational stakeholders to track remediation and/or mitigation of technical vulnerabilities within the company and client estates.Continued development and improvement of the Vulnerability Management capability within the Cyber Security function.RequirementsThe successful candidate must possess a strong understanding of the following;
Familiarity with common defensive/detection tools such as IDS, SIEM, Secure Gateways and cyber-security technologies, where appropriateHands on experience of administration and operational usage of at enterprise grade vulnerability scanning platformKnowledge of multiple operating systems and networking technologies, including hardening methodologiesSecurity operations and/CSIRT collaborationCommon tactics, technique and procedures (TTP's) used by adversary groups, advanced threats, opportunistic attackers and malicious insiders.Working knowledge of common enterprise infrastructure and security architecture approachesBusiness Skills Must be an intelligent, articulate, consensus building individual who can serve as an effective member of the Cyber Security team and effectively communicate technical concepts.Ability to work and communicate effectively in a global, multi-office, environment and willing to travel to overseas offices, as required.Must demonstrate the ability to maintain strict confidentiality of the company's internal and personnel affairs.Ability to manage multiple concurrent objectives or activities, and effectively make judgments in prioritizing and time allocation in a high- pressure, ever changing, environmentAbility to support with technical and procedural transformation and adapt to a rapidly changing environment.Highly self-motivated and directed, and able to harness different skills and experience, and enjoy a strong sense of team spirit.Excellent communication skills in English, written and verbal, to include technical documentation and the ability to work with individuals at all levels of the organisation.Must demonstrate professionalism and maturity when working with internal business functions, peers, senior management, and vendorsDetail oriented with strong organisational, documentation and technical writing skillsExperience/Certifications: A minimum of 5 years' technical experience within Information Security, ideally with an operations or transformation focusA minimum of 2 years in a Vulnerability Management positionDegree in Computer Science or equivalent working experience preferredRelevant Cyber Security Certifications/TrainingSecDevOps ExperienceProgramming / scripting skills or experience (Python, PowerShell, etc.)
#J-18808-Ljbffr