Weatherbys has been a family run business since 1770 carrying forward the reputation of being an exciting place to work and grow. We appreciate and value all our employees and strive to ensure everyone is provided with the opportunity to develop and play an active role in achieving the organisation’s aims and vision.

SKILL REQUIREMENTS:

· Extended Detection & Response (XDR): Familiarity with Microsoft Security Portfolio of products.
· Network Security: Understanding of TCP/IP, DNS, VPNs, firewalls, and packet analysis (e.g., Wireshark).
· Threat Intelligence: Use of platforms like MISP, Recorded Future, or ThreatConnect.
· Vulnerability Management: Experience with tools like Tenable Nessus, Qualys.
· Scripting & Automation: Proficiency in Python, PowerShell, or Bash for automating security tasks.
· Cloud Security: Knowledge of MS Azure.
· Privileged/Identity & Access Management (IAM): Understanding of RBAC, MFA, SSO, and directory services (e.g., Active Directory, Azure AD).
· Log Analysis & Forensics: Ability to analyse logs and artifacts from Windows, Linux, and cloud environments.
· Security Frameworks: Familiarity with MITRE ATT&CK, NIST CSF, CIS Controls.

PREFERRED QUALIFICATIONS:

· Industry certifications such as CompTIA CySA+, SSCP, CEH, GCIA, or equivalent.
· Experience with DevSecOps practices and CI/CD pipeline security.
· Microsoft SC-900, AZ-500

JOB PURPOSE

The Security Analyst will be based at our head office in Wellingborough, Northamptonshire and will report to the Senior Information Security Officer and together will work alongside the IT Service Delivery Manager, Infrastructure Team, DevOps, and Compliance Teams to ensure the security of our infrastructure and data. There is the opportunity for hybrid working, upon successful completion of the probationary period.

KEY RESPONSIBILITIES:

· Monitor and analyse security alerts from various tools such as WAF, SIEM, IDS/IPS, firewalls, and endpoint protection platforms.
· Investigate and respond to security incidents, including containment, eradication, and recovery.
· Conduct vulnerability assessments and coordinate remediation efforts.
· Perform threat hunting and behavioural analysis using threat intelligence and analytics tools.
· Maintain and tune security tools, detection rules, and automation scripts.
· Support compliance initiatives (e.g., ISO 27001, NIST, GDPR).
· Document incidents, procedures, and technical findings clearly and accurately.
· Ensure timely management and resolution of tickets, both internal/partner and third-party suppliers.
· Remain up to date with the latest security threats, trends, and technologies.