Reporting to the Threat and Vulnerability Management (TVM) Team Lead as a Senior Cyber Security Analyst , you will be part of a global team of Information Security specialists, where you will help define the technology, policies and practices used to protect the organisation and its clients.
You are highly motivated with strong technical acumen in security operations working in collaboration with a team of IT operations specialists, including DBA, System and Network administrators, and Solution Owners in identifying and quickly remediating any security related incidents, vulnerabilities or other concerns that may impact the business.
You must be able to work in a fast paced, agile environment with short timelines for deliverables. Whilst it is recognised not all security measures are impenetrable, you will be measured on your ability to quickly identify, respond to and contain security threats.
*This position is open in Madrid or Málaga ; you should be based in one of those locations or willing to relocate and work in a Hybrid model .
Responsibilities Key responsibilities include, but are not limited to:
Operate and monitoring Vulnerability Detection, Management and Reporting platforms covering Internal & External Infrastructure, Web Application, Mobile Application, Cloud environments and as part of the CI/CD Pipeline
Conducted technical validation of findings and remediation implementations
Maintain situational awareness of hardware and software running within the enterprise and any associated vulnerabilities and/or exploits targeting them.
Evaluate and utilise intelligence regarding new threats and vulnerabilities to ensure protective monitoring is capable of detecting potential new attacks (e.g. through custom network (IDS), host-based (EDR) or SIEM rules)
Advise on secure operating system and network device configuration standards
Assess the organisation's exposure to Aexisting and new vulnerabilities and develop detection / mitigation strategy whilst contributing to the organisational risk process
Create reports on cyber-security vulnerabilities, organisational posture, and other indicators of cyber-security issues read by both a technical and non-technical audience
Work with platform and organisational stakeholders to track remediation and/or mitigation of technical vulnerabilities within the company and client estates.
Continued development and improvement of the Vulnerability Management capability within the Cyber Security function.
Requirements The successful candidate must possess a strong understanding of the following;
Familiarity with common defensive/detection tools such as IDS, SIEM, Secure Gateways and cyber-security technologies , where appropriate
Hands on experience of administration and operational usage of at enterprise grade vulnerability scanning platform
Knowledge of multiple operating systems and networking technologies, including hardening methodologies
Security operations and/CSIRT collaboration
Common tactics, technique and procedures (TTP's) used by adversary groups, advanced threats, opportunistic attackers and malicious insiders.
Working knowledge of common enterprise infrastructure and security architecture approaches
Business Skills
Must be an intelligent, articulate, consensus building individual who can serve as an effective member of the Cyber Security team and effectively communicate technical concepts.
Ability to work and communicate effectively in a global , multi-office, environment and willing to travel to overseas offices, as required.
Must demonstrate the ability to maintain strict confidentiality of the company's internal and personnel affairs.
Ability to manage multiple concurrent objectives or activities, and effectively make judgments in prioritizing and time allocation in a high- pressure, ever changing, environment
Ability to support with technical and procedural transformation and adapt to a rapidly changing environment.
Highly self-motivated and directed , and able to harness different skills and experience, and enjoy a strong sense of team spirit.
Excellent communication skills in English , written and verbal, to include technical documentation and the ability to work with individuals at all levels of the organisation.
Must demonstrate professionalism and maturity when working with internal business functions, peers, senior management, and vendors
Detail oriented with strong organisational, documentation and technical writing skills
Experience/Certifications:
A minimum of 5 years' technical experience within Information Security, ideally with an operations or transformation focus
A minimum of 2 years in a Vulnerability Management position
Degree in Computer Science or equivalent working experience preferred
Relevant Cyber Security Certifications/Training
SecDevOps Experience
Programming / scripting skills or experience (Python, PowerShell, etc.)
#J-18808-Ljbffr