Security Analyst - remote or hybrid working
Security Analyst required for a global corporate organisation.
- 2 years minimum in full-time security role as a Security Analyst with relevant qualifications to the skill set.
- Excellent knowledge of open source and commercial application security tools and frameworks, including but not limited Qualys, AppCheck, ZAP /Burpsuite, Tennable, Nessus, Kali Web application testing tools
- The skills to demonstrate vulnerabilities to developers in order to demonstrate the value of addressing the issue.
- Threat actor modelling and classification
- Knowledge of industry accepted security best practices/standards/policies such as NIST, OWASP, CIS, MITRE ATTACK
- Experience of, Cloud engineering solution for example AWS
- Understanding of AWS services (with a focus on security tooling - Security Hub, Guard Duty, CloudTrail, Config, IAM etc.) AWS certified to Professional or Specialty level, or equivalent would be a plus
- Drive remediation of Test and audit reports. App/ Server / Supplier /Cloud
- Provide holiday cover for Incident response/management 9-5 Monday - Friday
Nice to Have
- Cyber Security Attack analysis
- Experience of applying web application attack frameworks to plan and implement defensive controls.
- Expertise of identifying weaknesses in End Point Baseline Security configuration to CIS or NIST
- Best Practice, efficient, supportable extensible
- Comp TIA CYSA + OR aka CSA + Cyber Security Analyst
- Bachelor's Degree in Information Security, Management Information Systems, Risk Management, or relevant industry certifications.
Relevant industry certifications would be:
- CompTIA Advanced Security Practitioner
- Comp TIA CYSA +
- CSA +
If the role sounds of interest and you have the experience required please send me your CV and I will call you to discuss in more detail.