Senior Security Analyst

Home  »  Jobs   »   Senior Security Analyst

Job Description

Senior Security Analyst

What you’ll do:

Supporting the security team to ensure that appropriate technologies and processes are in place to defend CIG infrastructure from cyber threats

Key duties include:

  • Security review of external facing web apps and systems

  • Security review of internal web apps and systems

  • Security review of 3rd party applications where sensitive data is to be stored

  • Regular review of the CIG security estate

  • Document security testing, gaps and enhancements

  • Provide support and necessary advice on secure development practices to defend against all currently exploited threats

  • Code reviews of developments prior to release to production

  • Provide advice and support on network level changes that could have an impact on security (Firewall, file permissions, changes to web servers etc.)

  • Support 3rd party security testing and verify the implementation of suggested remediation’s

  • Promote and support security awareness and responsibilities throughout the business

  • Provide advice on secure configuration of web, application servers, internet facing systems and desktop protections

  • Monitor and prioritise the remediation of security alerts/notifications (CVEs)

  • Recommend, support and oversee, introduction of current security technologies and obsoleting of insecure technologies

  • Provide security training presentations to staff in order to maximise the level of the human cyber defence

  • Develop and support the team in implementing security policies, protocols and procedures 

  • Attend meetings with other managers to determine operational needs

  • Review and create reports on incidents and breaches

What you’ll need to succeed:

  • Demonstrable experience in a cyber security role

  • Experience in a development role or Infrastructure Role

  • An understanding of the OWASP Top 10 and Mitre Top 25

  • Some experience with security testing tools including HTTP intercept proxies

  • A track record of identifying security issues and providing remediation advice

  • Strong interpersonal and communication skills

  • Some ability to understand how a business functions and to balance security needs with organisational goals

  • Understanding of Cyber Essentials, NIST and ISO accreditations

  • Problem-solving and analytical ability

  • A collaborative work style

  • Commitment to continuous development and continuing education, to stay on top of IT and cybersecurity trends

Salary: NA

Job Summary

Isle of Man
Ref ID: 4048