Cybersecurity Analyst

Ideagen have an exciting opportunity for a Cyber Security Analyst to join our growing Cyber Security Unit (CSU) team. With experience in compliance and internal audit, as an analyst, you will assess and test both internal corporate and customer production systems using a range of industry technical standards and tools. You will liaise with external security partners in scoping and scheduling independent testing and auditing of our systems, as well as a variety of Cyber Security activities including monitoring our computer networks for security issues within end-user and cloud-based environments, installing, and maintaining security software, participating in incident management, and documenting the security issues or breaches discovered.

The Cyber Security Analyst will work in the CSU team assessing the security and compliance of the organisation against regulatory and industry requirements and standards, and against security best practice frameworks to enhance the organisation’s security posture and business processes that protect information and privacy.

To be successful, you should have a good understanding of framework requirements underpinned by a strong and practical knowledge of associated technical and organisational security controls, the knowledge and ability to perform assessments and tests that ascertain the effectiveness of those controls, and the analysis of results to develop reports that convey key information about issues and improvement opportunities to internal and external customers.

**Key Responsibilities**:

- Continual professional development, maintaining and broadening industry knowledge and expertise through education and certification credentials
- Work with security team to perform tests to detect network and computer system vulnerabilities
- Draft assessment and test programmes that sufficiently address required objectives and the complexity of the operational environment
- Define, design, execute, examine, and test procedures in accordance with appropriate security frameworks and controls
- Autonomously lead internal walkthroughs within the organisation to determine the conformity of environments against stated requirements
- Ensure cyber security policies are adhered to and that required controls are implemented
- Review and assess respective information system security plans to ensure control requirements are met
- Assess and test corporate and delivered production systems for security vulnerabilities
- Educate and interpret compliance activities throughout the global organisation for effectiveness
- Participate in the investigation of security breaches and other cyber security incidents
- Document security breaches and assess the damage they cause
- Assess confidentially provided documentation for compliance with relevant standards
- Offline and remote evidence inspection of client provided documentation; appropriately mark artifacts requiring follow-up or additional clarification
- Pursue and corroborate conclusions derived from assessment and test procedures
- Prepare and peer review assessment reports
- Develop documentation and author recommendations associate with your findings on how to improve the customer’s security posture in accordance with appropriate controls
- Personal responsibilities and attributes:

- Have a great attitude to establish positive collaborative relationships with peers and stakeholders
- Inquisitive and curious nature with the ability to effectively probe for deeper information
- Stay current on IT security trends and standards, strong technical researcher
- Demonstrated experience reading and interpreting security framework criteria
- Assist in the development of company-wide best practice and security enhancements for IT and Cyber security
- Instruct and guide end-users on cyber security topics
- Strong written and verbal communication skills including the ability to explain technical matters to a non-technical audience
- High attention to detail and quality
- Appropriately manage time and meet deadlines

**Knowledge & Experience**:

- 2+ years of experience as a Cyber/Information security analyst, IT auditor, Business analyst, or similar role
- Experience with vulnerability scanning, penetration testing tools and manual exploitation techniques
- Experience and demonstrated ability to independently research a technical topic and develop logical assessment and testing approaches
- Experience and demonstrated ability to test sessions for assigned controls

**Desirable Experience**:

- Experience in security frameworks and regulatory requirements (such as SOC 2, ISO 27001, NIST, COBIT, HIPAA/HITECH, HITRUST or PCI)
- Experience working with technologies hosted via cloud computing environments (e.g., Amazon Web Services, Microsoft Azure)
- Programming skills, any of Python, Perl, Java, Shell Scripting, would be beneficial