Security Analyst - Immediate Start

Job type:
on-site
Start date:
16.11.20
Duration:
5 months
From:
Yoh
Location:
Wiltshire
Published at:
10/29/2020
Country:
flag_no United Kingdom
Project ID:
1990577

Warning
This project has been archived and is not accepting more applications.
Browse open projects on our job board.

IT Security Analyst (Penetration Testing)

Location - Wiltshire

Start - Immediate

Duration - 5 Months

Rate - £350-£450 per day

Yoh Solutions are currently recruiting on behalf of a large Utilities business based in the Wiltshire area. Due to continued developments in offering modern working environments for their internal staff they are looking to add specialist and expert experience into their IT Security team, supporting 20,000 users across their multiple business units. The position of IT Security Analyst (Penetration Testing Analyst) will be to define the end to end Penetration Testing Service and all supporting processes that are needed with the input of the IT Security Manager.

Key responsibilities

  • Document the processes and make recommendations for process improvements.
  • Define and document the Penetration Testing Security Standard
  • Co-ordinate and manage Penetration Testing requests from the relevant IT and Business Stakeholders and gather and document all requirements for the requested security assessment
  • Engage with the Third Party Penetration Testing Provider to discuss the Penetration Testing requirements and schedule the testing
  • Assist in ensuring all pre-requisites from the Third Party Penetration Testing Provider are fulfilled before the appointment takes place
  • Assist the IT Security Manager (Vulnerability Management) in the management and co-ordination of the remediation activities relating to the open findings from a Penetration Test and ensure they are communicated and remediated in a timely manner
  • Maintain the IT Security risk register and provide input to the IT Security Operations Team Lead for any internal and external audits relating to Penetration Test as and when required
  • Provide written analysis for monthly reports on an as-needed basis
  • Create Reports and Dashboards
  • Generate reports for both technical and non-technical staff and stakeholders
  • Assist in the Day to Day Service Management of the Vulnerability Management as and when required or when the IT Security Manager is on holiday/leave
  • Assist with CIS Benchmark Deviation requests and liaise with the relevant teams to ensure resolution in a timely manner.

Infrastructure and Provider Management consists of the following functional areas

  • Data Centre & Cloud
  • End User Computing
  • IT Security
  • Networking and Unified Communications
  • Provider Management
  • Service Management

Experience required as an IT Security Analyst (Penetration Testing Analyst)

  • Strong Experience in Process and Service Design for IT Security Operational Services particularly Penetration Testing
  • Experience of Vulnerability Management and/or Penetration Testing processes and remediation of vulnerabilities/penetration testing findings in a timely manner
  • Good understanding of vulnerability frameworks and advisories (NVD, CVE)
  • Strong analytical, troubleshooting and problem-solving skills for vulnerability management and penetration testing
  • Experience of CIS Benchmarks Policies
  • Knowledge of Active Directory and Group Policies
  • Knowledge of OWASP
  • Good knowledge of attack vectors particularly MITRE Attack Framework
  • Knowledge of Cloud security principles, techniques and technologies
  • Knowledge and experience with Windows, Unix/Linux operating systems
  • Experience working with an MSSP or Third Party Provider
  • Good understanding of Firewalls and Network Security
  • Understanding of network protocols
  • Keep up to date with current threat intelligence
  • Experience as a Pen Tester is an advantage but not essential

Required Qualifications:

  • CompTIA Security+

Nice to have but not essential:

  • CEH
  • CISSP

This is an exciting new contract opportunity for an experienced IT Security Analyst (Penetration Testing Analyst) who is looking to start work immediately. If you would like to know more about this opportunity please apply today for a short consultation and interview arrangement.