United Kingdom

3rd Line Security Analyst, Cardiff

Description
Job Title: Level 3 Security Analyst Incident Response & Vulnerability Management
Department: Service Delivery / Security
Reporting To: Security Lead / Service Delivery Manager. Operates under the direction of the Incident Manager during security incidents
Location: UK (Hybrid) Office in Cardiff 1-2 days per week, regular client site travel.
Working Pattern: Monday to Friday with participation in the on-call Security and Major Incident rota as required

Role Purpose
The Level 3 Security Analyst is responsible for the technical investigation, containment, remediation, and resolution of IT security incidents and vulnerabilities across a complex, multi-site customer estate supported by the MSP.
The role acts as a senior technical authority for security incidents, working alongside Incident Management, Infrastructure, Network, and Application teams to ensure security issues are resolved end-to-end, correctly documented, and do not reoccur.

Key Accountabilities: Security Incident Investigation & Response
Act as the technical lead for the investigation of security incidents across supported platforms.
Investigate malware, ransomware, account compromise, unauthorised access, suspicious activity, and security misconfiguration.
Perform detailed root cause analysis across endpoint, identity, network, and application layers.
Advise the Incident Manager on incident scope, impact, containment, eradication strategy, and recovery validation.
Drive incidents through to full technical resolution, not temporary mitigation.

Key Accountabilities: Vulnerability Management
Investigate vulnerabilities identified via scanning platforms, endpoint and cloud tooling, supplier disclosures, and audit activity.
Assess risk based on exploitability, exposure, and operational impact.
Own remediation actions end-to-end, coordinating with Infrastructure, Network, and third-party suppliers.
Validate remediation and ensure appropriate evidence is captured for assurance and audit.

Platforms & Technology Scope
End-user devices including Windows, macOS, tablets, and peripherals.
Microsoft 365 including Entra ID, Exchange, SharePoint, Defender, and endpoint protection.
Identity and Access Management including privileged and service accounts.
On-premises and cloud-hosted servers.
Network infrastructure including firewalls, switches, wireless, and WAN connectivity.
Cloud-hosted and supplier-managed applications.

Documentation, Audit & Continuous Improvement
Produce clear, technically accurate documentation covering incidents, root cause analysis, and corrective actions.
Support governance, customer assurance, and audit requirements.
Contribute to post-incident reviews and lessons learned.
Identify recurring issues and recommend long-term improvements.
Ensure incidents and vulnerabilities are correctly logged and tracked within ITSM systems.

Collaboration & Escalation
Work closely with Incident Managers, Security specialists, and Level 3 Infrastructure and Network teams.
Act as a senior escalation point for Level 1 and Level 2 teams.
Engage third-party suppliers to progress investigation and remediation.
Participate in out-of-hours response as required.

Knowledge, Skills & Experience: Essential
Proven experience in a Level 3 or Senior Security Analyst or Incident Response role.
Hands-on experience investigating and resolving incidents across endpoints, identity platforms, networks, and cloud services.
Strong understanding of malware and ransomware response, identity compromise, and vulnerability remediation.
Experience working within formal Security Incident and Major Incident processes.
Strong written documentation and stakeholder communication skills.

Knowledge, Skills & Experience: Desirable
Experience supporting multi-site or operationally sensitive environments.
Familiarity with Defender, SIEM, EDR, and vulnerability management tools.
Understanding of regulated or PCI-adjacent environments.
Relevant security certifications or equivalent experience.

Behavioural Competencies
Takes ownership from detection through to resolution.
Investigates thoroughly and challenges incomplete fixes.
Calm, methodical, and decisive during live incidents.
Understands operational and business impact.
Professional and confident when engaging customers and suppliers.

Decision Making & Authority
Makes technical decisions relating to investigation, containment, and remediation of security incidents.
Escalates risk and decision points appropriately to Incident Management and Service Delivery leadership.

Key Interfaces
Incident Management
Security Operations
Infrastructure and Network Services
Third-party suppliers
Customer stakeholders via structured incident communications

3rd Line Security Analyst has been posted in the Cardiff Accounting, Financing & Banking category on Locanto.
