Cyber Security Analyst

at  Luton Borough Council

Incident response experience

• Qualification / Certification in Cyber Securit

DAILY TASKS WILL INVOLVE THE FOLLOWING:

• Endpoint monitoring and analysis.
• Incident readiness and handling as part of the Computer Security Incident Response (CSIRT) team.
• Monitor and administer Security Information and Event Management (SIEM).
• Malware analysis and forensics research.
• Understanding/ differentiation of intrusion attempts and false positives.
• Investigation tracking and threat resolution.
• Vulnerability identification & mitigation / remediation.
• Compose security alert notifications.
• Help develop cyber security process & procedures.
• Advise incident responders & other teams on threat.
• Triage security events and incidents apply containment and mitigation/remediation strategies.
• Generate reports and document security incidents / events.
• Proactively monitoring the performance of systems, and make regular routine inspections of installed equipment and take corrective avoidance actions to prevent wider problems.
• Act as the point of escalation for the Service desk for security related tickets.
• Analysis of weekly vulnerability scans and update relevant records.
• Responsibility for the health, safety and wellbeing of yourself and colleagues in the workplace; supporting our journey to create an open and honest wellbeing culture at LLA.

KEY REQUIREMENTS FOR THE ROLE

• A well organised and structured approach to work planning, time allocation to tasks, and a flexible approach to daily routines to deliver the desired results.
• An ambition to constantly learn new skills and develop knowledge, with an understanding that study time outside of working hours may be required for career development.
• Credible knowledge/experience in Microsoft Windows Operating Systems.
• Credible knowledge/experience of Active Directory, Group policies, TCP/IP, DNS, DHCP and Exchange Server.
• Capable of effectively multi-tasking, prioritizing work, and handling competing interests
• Capable of analysing information technology logs and events sources preferred
• Working knowledge of data storage systems, data backup and restoration methods.
• Understanding of security tooling, its purpose and functionality (Anti-Malware, IPS, Web and Email Gateways, security analysis tools, web security tools, next generation firewall/UTMs)
• A team player with good work ethic, communication skills and a professional who maintains customer-service based approach.
• Ability to work independently while managing support to a high standard
• Contribute credibly to IT department’s delivery of SLAs and other support targets
• Self-motivated to advance own knowledge & gain formal qualifications
• Ability to analyse vulnerabilities, threats, designs, procedures and architectural design, producing reports and sharing intelligence
• Advanced knowledge of computer forensics; legal, government and jurisprudence as they relate to cybersecurity; operating systems; and methods for intelligence gathering and sharing
• Knowledge of Cloud computing, computer network defence, identity management, incident management and network security.
• Significant experience within a SOC environment

Incident response experience

• Qualification / Certification in Cyber Security