Cyber Security Analyst (m/w)
The Cyber Security Analyst will carry out a range of duties as are determined in accordance with the enterprise security strategy and policy, and in line with underlying processes and procedures. Such duties would include, but are not limited to operation, monitoring and maintenance of the enterprise security solutions; ensuring that there is continued adherence to enterprise security policy by users, and in the design and operation of applications/systems (new and existing); supporting the risk management framework; security incident response and forensic Investigation.
Acquisition & Deployment
- Maintain up-to-date knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.
- Assist in the identification of any required additional security solutions or enhancements to existing security solutions to improve overall enterprise security.
- Assist in the deployment, integration and initial configuration of new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures generically and the enterprise’s security documents specifically.
- Provide advice and assistance to ensure that any proposed business processes, software and solutions are implemented in accordance with stated enterprise security strategy and policy, and that the correct processes and procedures are followed.
- Ensure the ongoing confidentiality, integrity and availability of the data residing on or transmitted to/from/through enterprise workstations, servers and other systems and in databases and other data repositories.
- Monitor continued adherence to enterprise security policy including data classification.
- Monitor effectiveness of existing security controls and assist in enforcing/introducing any further controls required to maintain an adequate Cyber Security posture throughout the enterprise.
- Monitor the prevailing threat landscape, and provide threat risk assessments as are required.
- Monitor, classify and deal with any observed activity deemed to be problematic, unusual or suspicious, as is notified to the company from time to time, or provided by internal alerts from monitoring systems.
- Identify emerging trends, issues or threats through analysis of internal logs and events.
- Perform Cyber Security risk assessments at differing levels and scopes.
- Carry out and/or co-ordinate regular penetration tests, vulnerability assessments and security audits for both internal and external enterprise information assets.
- Assist in providing appropriate Cyber Security due diligence during the procurement process, and in ongoing assurance reviews.
- Provide technical support and resolution to Cyber Security Incidents and any other observed problematic activity.
- Provide forensic investigation assistance where this is deemed appropriate.
- Produce statistics, KPIs relating to performance of Cyber Security operations, controls and/or prevailing threat/risk.
- Assist with ongoing awareness communication to all users and related parties, on Cyber Security matters.
SKILLS, KNOWLEDGE AND COMPETENCIES
Formal Education & Certification
- College diploma or university degree in the field of computer science and/or 2 years equivalent work experience.
- One or more of the following certifications:
- GSEC, GCFE, GPPA, GCIA, GPEN or relevant GIAC equivalent
- CompTIA relevant certification
- OCSP, CEH or other relevant Offensive Security/EC-Council certification
- Microsoft and/or Cisco relevant certification
- (ISC)2 relevant certification
Knowledge & Experience
- Extensive knowledge and practical experience of Cyber Security principles and processes.
- Sound understanding of network, system and application architecture.
- Working technical knowledge and operational experience of firewalls, IDS and IPS, content control, intelligent network scanning systems, DLP, email gateways, AV/AM, endpoint encryption and protection, SIEM.
- Working technical knowledge and operational experience of key Cyber Security testing tools.
- Demonstrable experience of carrying out penetration testing, vulnerability assessments.
- Experience of carrying out Cyber risk assessments, compiling statistics, KPIs and presenting clearly and as appropriate.
- Familiarity with client/server Operating System (i.e. Windows, Linux, iOS, Android) and associated vendor applications.
- Adequate understanding of software development methodologies as they relate to Cyber Security.
- Fluent German and English
- Proven analytical and problem-solving abilities.
- Ability to effectively prioritize and execute tasks in a high-pressure environment.
- Good written, oral, and interpersonal communication skills.
- Ability to conduct research into IT security issues and products as required.
- Highly self-motivated and directed.
- Keen attention to detail.
- Team-oriented and skilled in working within a collaborative environment.
- Ability to make decisions (where necessary)
If you are excited about what you’ve read, please send a personal letter along with your CV to: email@example.com