SR Cyber Security Analyst (12 month fixed-term contract)

London, United Kingdom

Applications have closed

Company Description

Informa is a leading international events, intelligence, and scholarly research group.

We’re the specialist’s specialist. Through hundreds of powerful brands, we work with businesses and professionals in specialist markets, providing the connections, intelligence and opportunities that help customers grow, do business, make breakthroughs, and take better informed decisions.

Informa is listed on London Stock Exchange and a member of FTSE 100, with over 11,000 colleagues working in more than 30 countries.

Job Description

The Senior Cybersecurity Analyst will be responsible for developing and documenting standards and processes to identify, detect, protect, respond, and recover from cyber security threats and attacks.

Key responsibilities of the role

  • Research and assist in architecting security solutions
  • Assist in defining Security KPIs
  • Provide weekly and monthly reporting related to security KPIs
  • Assist the Head of IT Security in design, management, and implementation of cybersecurity projects
  • Take lead in investigations
  • Implement and manage CrowdStrike Policies according to best practices
  • Expertise in Microsoft Sentinel
  • Expertise in Microsoft Windows Defender for Cloud
  • Expertise in Microsoft Windows Defender for Endpoint (Server and Workstations) configuration, deployment, architecture, management, and reporting.
  • Expertise in Microsoft Windows Defender for Linux
  • Expertise in Windows Defender for Mobile (Android and iPhone)
  • Experience with SIEM/SOAR/MDR platforms
  • Lead and develop expertise in securing Cloud resources/workloads (AWS/Azure).
  • Assist with implementation of countermeasures or mitigating controls.
  • Experience with various SIEM migration projects.
  • Analyze and create remediation tracking activities against exploitable vulnerabilities discovered in the environment
  • Responds to cyber security incidents according to the computer security incident response policy
  • Provides guidance to first responders for handling information security incidents
  • Assist in identifying weak configuration areas for internet facing systems
  • Coordinates efforts among multiple business units during response efforts
  • Provides timely and relevant updates to appropriate stakeholders and decision makers
  • Provides investigation findings to relevant business units to help improve information security posture
  • Validates and maintains incident response plans and processes to address potential threats
  • Compile and analyze data for management reporting and metrics
  • Monitors information security related websites to stay up to date on current attacks and trends
  • Analyzes potential impact of new threats and communicates risks to relevant business units
  • Assist in building response playbooks against cybersecurity trends
  • Ability to be pragmatic and strategic to achieve cybersecurity related goals

Qualifications

What we’re looking for

The ideal candidate profile will include many of the following points:

  • An understanding of business needs and commitment to delivering high-quality, prompt, and efficient service to the business
  • An understanding of organizational mission, values, and goals and consistent application of this knowledge
  • Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one
  • An ability to effectively influence others to modify their opinions, plans, or behaviors
  • An ability to work well under pressure while maintaining a professional image and approach
  • An ability to perform independent analysis of complex problems and distill relevant findings and root causes
  • An ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily understood, authoritative, and actionable manner
  • A team-focused mentality with the proven ability to work effectively with diverse stakeholders

Typical Education and Experience

  • BS in Computer Science, Information Security, or a related field
  • CompTIA Security+
  • Full understanding of TCP/IP
  • Full understanding of DNS
  • Full understanding of DHCP
  • Extensive knowledge of network and server security products, technologies, and protocols including TCP/IP, UDP, DHCP, FTP, SFTP, SNMP, SMTP, SSH, SSL, VPN, RDP, HTTP and HTTPS.
  • Strong knowledge of operating under a zero-trust security methodology.
  • Technical experience with Microsoft Identity and Access management (Azure Active Directory, Azure Active Directory premium solutions, Conditional Access, SSO, MFA, PIM).
  • Strong Knowledge of Microsoft Cloud App Security and related security tools
  • Strong knowledge of email security gateways.
  • Technical understanding of the MITRE ATT&CK Framework and Threat Modeling
  • Strong knowledge of Active Directory infrastructure in a multi-forest environment.
  • Strong analytical, problem-solving, and conceptual skills with the combination of log correlations.
  • In-depth knowledge of Red Team concepts such as reconnaissance, malware delivery and functionality, attack methodologies.
  • 5+ years of experience in information security, especially in an incident response role  
  • 5+ years of experience with regulatory compliance and information security management frameworks (e.g., ISO27000, COBIT, NIST 800, etc.)
  • Working Knowledge of CrowdStrike EDR
  • Working Knowledge of TrendMicro Deep Security
  • Working Knowledge of Python
  • Working Knowledge of API integrations and data extraction
  • Working Knowledge of data manipulation
  • 10+ years of experience in an Enterprise working environment
  • Knowledge of ITIL principles
  • 5+ years of experience with vulnerability management and penetration testing tools (Tenable.io, Nessus Pro, OpenVAS, Kali Linux, Burp Suite)
  • Deep understanding of attack vectors
  • Optional: RHCE

Additional Information

Employee experience is very important to us at Informa. On top of joining a supportive, diverse and ambitious team that welcomes all types of candidates, we make every effort to offer flexible working patterns and prioritise promotion opportunities for internal candidates. Our benefits include: 

  • A tailored learning and development plan and access to online material to support your career development   
  • 25 days annual leave, 4 days for volunteering and a day off for your birthday!  
  • Competitive Benefits package including pension, healthcare and a range of wellbeing benefits
  • Share-Match options so you can become a shareholder   
  • Regular social events and networking opportunities 

 

We know that sometimes the 'perfect candidate' doesn't exist, and that people can be put off applying for a job if they don't fit all the requirements. If you're excited about working for us and have most of the skills or experience we're looking for, please go ahead and apply. You could be just what we need!

We believe strongly in the value of diversity and creating supportive, inclusive environments where our colleagues can succeed. As such, Informa is proud to be an Equal Opportunity Employer. We do not discriminate on the basis of race, colour, ancestry, national origin, religion, or religious creed, mental or physical disability, medical condition, genetic information, sex (including pregnancy, childbirth, and related medical conditions), sexual orientation, gender identity, gender expression, age, marital status, citizenship, or other protected characteristics under local law.

This role may also be available on a flexible working or part-time basis – please ask the Talent Acquisition team for more information.


Tags: Active Directory Android APIs AWS Azure Burp Suite Cloud COBIT Compliance CompTIA Computer Science CrowdStrike DNS EDR IAM Incident response ITIL Kali KPIs Linux Malware MITRE ATT&CK Nessus NIST Pentesting Python Red team SIEM SMTP SOAR SSH SSO TCP/IP VPN Vulnerabilities Vulnerability management Windows

Perks/benefits: Career development Equity Flex hours Flex vacation Medical leave Team events

Region: Europe
Country: United Kingdom
Category: Analyst Jobs
