Lead Security Analyst
  • United Kingdom London
  • Jobs via eFinancialCareers
31.12.2023
Protect and Defend
Cyber Defense Analysis
Job Description

About the job
Join us as a Lead Security Analyst

Become a key member of Mettle's growing security team, working closely with our Chief Information Security Officer to build our security operation capabilities
Day-to-day, you'll be part of a digital-only environment that'll require you to adhere to Agile practices and make sure that Mettle is at the forefront of modern security
Thrive in a role that'll have you managing security operations to maintain intelligence- and risk-led detections across our Cloud infrastructures, SaaS services and end user devices

What You'll Do

As a Lead Security Analyst, you'll provide an end-to-end security response, including triage, response, escalation and the coordination of events. You'll also contribute to the root cause analysis of security incidents and conduct training and scenario planning to prepare for future events.

As well as this, you'll be responsible for making sure that adequate response plans, procedures and playbooks are created and maintained for all business areas to increase the consistency and effectiveness of our response capability.

In addition to this, you'll be:

  • Building our improved security data lake and implementing clear use cases
  • Using business-as-usual capabilities to cover vulnerability management, threat intel and threat hunting, and working with threat intelligence to build in detections for new threats
  • Improving detection and visibility for security events across our Cloud infrastructures, SaaS and native mobile applications
  • Shaping responses to security events with runbooks and automation where possible
  • Promoting and implementing new security initiatives while performing trials of new security tools

The Skills You'll Need

To be successful in this role, you'll need the ability to translate complex technical concepts clearly to your peers and management level colleagues. Experience of mentoring and leading small teams and building security operation capabilities from scratch would be beneficial.

You'll have a good understanding of common industry cyber security frameworks, standards and methodologies, including the Open Web Application Security Project (OWASP), MITRE ATT&CK (Adversarial Tactics, Techniques and Common Knowledge) and the National Institute of Standards and Technology (NIST).

Furthermore, you'll need:

  • An excellent knowledge of security event logging, monitoring, detection and response on one or more of the leading Cloud platforms
  • The ability to work in a fast-paced environment and an understanding of scripting languages, like Python
  • Experience of vulnerability management, threat intel and data protection capabilities, and knowledge of how to work with other teams
  • An interest in security and an understanding of how to learn and grow within a team
  • Experience of building security monitoring and response capabilities, and excellent written and verbal communication, collaboration and stakeholder management skills

Required Knowledge
  • K0001   Knowledge of computer networking concepts and protocols, and network security methodologies.
  • K0002   Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
  • K0004   Knowledge of cybersecurity and privacy principles.
  • K0005   Knowledge of cyber threats and vulnerabilities.
  • K0013   Knowledge of cyber defense and vulnerability assessment tools and their capabilities.
  • K0070   Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).
  • K0106   Knowledge of what constitutes a network attack and a network attack's relationship to both threats and vulnerabilities.
  • K0177   Knowledge of cyber attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks).
  • K0297   Knowledge of countermeasure design for identified security risks.
  • K0339   Knowledge of how to use network analysis tools to identify vulnerabilities.
  • K0624   Knowledge of Application Security Risks (e.g., Open Web Application Security Project Top 10 list).

Required Skills
  • S0036   Skill in evaluating the adequacy of security designs.
  • S0147   Skill in assessing security controls based on cybersecurity principles and tenets (e.g., CIS CSC, NIST SP 800-53, Cybersecurity Framework, etc.).
  • S0167   Skill in recognizing vulnerabilities in security systems (e.g., vulnerability and compliance scanning).

Required Abilities
  • A0015  Ability to conduct vulnerability scans and recognize vulnerabilities in security systems.