Cyber Security Analyst

at  British Land

REQUIRED SKILLS

• Experience of working in a cyber security role (min 5+years), especially in an incident response role or security operations centre
• Experience of working in Desktop support/service desk/EUC
• Network security and networking technologies
• Entra ID
• Rapid 7 insightIDR and insightVM
• Office 365
• Intune

PREFERRED SKILLS

• Tenable Vulnerability Management
• Mimecast (or similar)
• DarkTrace Detect
• Microsoft Purview Data Loss Prevention and Insider Risk Management
• AWS Security
• Azure Security
• ISO 27001 or NIST Framework experience
• Antivirus technologies (Sophos or Defender)

THE ROLE

The primary responsibility of this role will be to help identify, investigate and respond to cyber incidents within the British Land corporate environment. This role is the first line of defence, constantly monitoring for unusual activity that may suggest a cyber-attack, investigating with colleagues in Group Technology and taking appropriate action to resolve the incident. This will involve active monitoring of the Managed SIEM/MDR portal, in addition to a range of Cyber Security tools that are used within British Land.
This is a new role within the team and you will have the opportunity to help shape, adapt and define how it will work. The role will also be involved in managing our existing cyber architecture, and planning and implementation of preventative security measures.
The ideal candidate will have a proven experience of cyber security principles and be proactive in identifying and responding to security threats.

WHAT YOU’LL DO

Assisting with the support of technologies in the following categories:

• Active monitoring of Rapid 7 SIEM and liaison with Rapid 7 SOC . Analysis of the nature of the detected threat, its potential impact and best course of action
• Active monitoring and investigate of incidents raised via of DarkTrace Network portal for all incidents and investigation
• Active monitoring of Microsoft Defender portal (covering Defender for Endpoint, and Defender for Identity), and ownership of reviewing recommendations (including Security Score, Device Compliance)
• Active monitoring and investigate of Microsoft Purview Insider Risk Management portal
• Monitoring of Threat Intelligence systems and escalating potential risks that may affect British Land
• Monitoring of relevant information sources to stay up to date on current attacks and trends
• Working with teams across IT (including Service Desk / EUC / Infrastructure / Software Development) to investigate and respond to the threat
• Responsibility for keeping a detailed record of any incident and response
• Conduct root-cause analysis to document findings
• Provide metrics for incident management and device compliance and security for sharing with Information Security Steering Committee
• Assist in design and oversight of vulnerability management across Infrastructure, EUC and Software Development
• Assist with research into new cyber security tools and process improvements
• Assist with the design and implementation of secure systems
• Monitor identity and access management
• Liaise with stakeholders in relation to cyber security issues and provide future recommendations
• Research and generate reports for both technical and non-technical staff and stakeholders
• Give advice and guidance to staff on cyber security related issues
• Defining and monitoring security policies and best practice standards