Technical Security Analyst
  • United Kingdom London
  • Jobs via eFinancialCareers
31.12.2023
Protect and Defend
Incident Response
Job Description

About the job
Join us as a Technical Security Analyst

This is an opportunity to take on a technical role and make a tangible impact on Mettle's growing Security team.
Working in a digital-only environment, you'll adhere to Agile practices and make sure that Mettle is at the forefront of modern security.
You'll work closely with the Head of Security to develop, manage and maintain both intelligence-led and risk-led detections across the cloud infrastructure, SaaS services and end-user devices.

What You'll Do

As a Technical Security Analyst, you'll provide end-to-end security response, including triage, response, escalation, and coordination of events and incidents. You'll carry out and contribute to root cause analysis on security incidents and events, and conduct training and scenario planning to prepare for and anticipate future events.

You'll also be accountable for ensuring that adequate response plans, procedures and playbooks are created and maintained for all business areas, to increase the consistency and effectiveness of the response capability.

You'll also be:

  • Improving detection and visibility for security events across our cloud infrastructure, SaaS applications and native mobile applications
  • Helping to shape responses to security events with runbooks and automation where possible
  • Working with threat intelligence to proactively build in detections for new threats
  • Promoting and implementing new security initiatives, and trialling new security tools

The Skills You'll Need

We're looking for someone who's highly interested in security, with the ability to work in a fast-paced environment. You'll need excellent written and verbal communication skills, and the ability to translate complex technical concepts clearly to your peers and to management-level colleagues.

Ideally, you'll have experience of vulnerability management, threat intelligence and data protection tooling.

In addition, you'll need:

  • Knowledge of security event logging, monitoring, detection and response on one or more of the leading cloud platforms
  • An understanding and knowledge of common industry cyber security frameworks, standards and methodologies, including OWASP, MITRE ATT&CK and NIST
  • Knowledge of scripting languages such as Python
  • Good collaboration and stakeholder management skills, and the ability to work with other teams

Required Knowledge
  • K0001   Knowledge of computer networking concepts and protocols, and network security methodologies.
  • K0002   Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
  • K0004   Knowledge of cybersecurity and privacy principles.
  • K0005   Knowledge of cyber threats and vulnerabilities.
  • K0046   Knowledge of intrusion detection methodologies and techniques for detecting host and network-based intrusions.
  • K0157   Knowledge of cyber defense and information security policies, procedures, and regulations.
  • K0161   Knowledge of different classes of attacks (e.g., passive, active, insider, close-in, distribution attacks).
  • K0177   Knowledge of cyber attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks).
  • K0179   Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
  • K0230   Knowledge of cloud service models and how those models can limit incident response.
  • K0624   Knowledge of Application Security Risks (e.g., Open Web Application Security Project Top 10 list).

Required Skills
  • S0078   Skill in recognizing and categorizing types of vulnerabilities and associated attacks.
  • S0079   Skill in protecting a network against malware (e.g., NIPS, anti-malware, restrict/prevent external devices, spam filters).
  • S0173   Skill in using security event correlation tools.
  • S0365   Skill to design incident response for cloud service models.

Required Abilities
  • A0121   Ability to design incident response for cloud service models.
  • A0128   Ability to apply techniques for detecting host and network-based intrusions using intrusion detection technologies.