Job Title: Junior Cyber Security Analyst
Location: London
Department: Technology
Permanent
Department overview:
Our Technology Infrastructure team operates globally and is responsible for every aspect of the firm's platforms. This ranges from our EUC/Office environments to Trading and Core service Co-Location Data Centres, and extends to Public Cloud, delivering top-tier technology services to a dynamic and demanding Trading organisation.
In addition to meeting the round-the-clock operational demands of the platforms, we continuously evolve and transform our platforms to maintain a competitive edge that our business requires. We innovate to provide valuable solutions and leverage our skilled Technology teams to deliver against rapidly changing business requirements.
Role overview:
The candidate would support the Cyber Security Manager and the company’s cyber security strategy. We work closely with the other technology teams and business areas.
They must be pragmatic, enjoy challenges and be keen to learn. Be adaptable and level headed in pressure situations. A problem solver with a love of technology, with a desire to learn new concepts and applications quickly.
The role requires supporting staff located globally in a dynamic environment where business and priorities will react to market requirements & trading priorities. Risk assessment and operational effectiveness are key whilst maintaining a pragmatic approach to the security vs convenience balance.
• Assist with ongoing improvement of Cyber Security tooling, configuration (best practise), identify gaps for improvement
• Responding to Alerts from multiple sources, e.g. generated by tooling reports & emails.
• Threat Hunting – assist investigation and root cause of security alerts and issues, covering core technologies
• Create training and phishing campaigns to assess staff capability
• Support and engage with infrastructure teams to progress analysis and mitigations
• Ability to determine and prioritise own workload, self-motivated, good communicator
• Assist with security assessments of 3rd party tools, network infrastructure, hosts and applications – ability to enumerate hosts and services, packet captures
• Assist providing training and advice to all staff
• Facilitate external security testing and mitigation (Pen testing)
• Occasional Weekend working onsite, regular out of hours alert/email monitoring
• Assist with due diligence of 3rd party tooling and services to assist business with purchasing decisions, security testing applications
• Create appropriate documentation
• Assist with Annual Review and update of Security policies and process
• Ability to interpret and convey complex security issues to non-technical staff
• Engagement with vendors for call out, assistance and support
Experience required:
• 3 years’ minimum experience in a Cyber Security Analyst or equivalent role
• Background in IT/System Administration of Linux/Windows technologies
• Knowledge of Enterprise Class infrastructure technologies
• Demonstrate understanding of TCP/IP + Firewalls technologies
• Experience of Linux/Windows command line for reviewing processes, service state, network activity, restarting services.
• Understanding of wider Technologies around Server, Desktop, Storage, Network, Database, F/Walls, SaaS, Virtual Machines.
• Experience of Advanced Threat Protection / Behavioural Analytics Tooling
• Demonstrate understanding of security issues announced in the industry, threat actors, and interpret appropriate response/activity based on risk and impact
• Knowledge of running exploits/penetration testing for assessment of our own tools and infrastructure.
• Experience of incident management process, vulnerability assessment and management
• Demonstrate Understanding of DLP, IPS, Endpoint, anti-malware, Sandbox, Vulnerability scanners, and Email security
• Understanding of common methods of attack, from phishing to insider threats
• TCP/IP, computer networking, routing and switching – an understanding of the fundamentals: the language, protocols used and underpinning technologies of the internet
• Experience working in a Financial environment
Desirable:
• Experience of forensics – investigation and analysis of how and why a breach or other compromise occurred
• Cyber Security Qualification (Ethical hacking, CISSP or equivalent)
• Penetration testing of applications and infrastructure
• Scripting in at least one of bash, python or powershell
About you:
The ideal candidate is analytical and methodical, with a proven track record in problem-solving, critical BAU, advanced engineering and technology service delivery in a high-pressure, time-sensitive environment.
You should be passionate about emerging technology trends, innovations and directions, and eager to suggest and implement new solutions to enhance our technology performance. You should also understand the need for rapid delivery while appreciating business risk and constraints to ensure adherence to service levels.
The candidate should have extensive experience working both independently and as part of a diverse team, meeting both broad and specific project/BAU objectives. This role requires excellent organisational skills, open communication, and a collaborative approach.
BlueCrest is committed to providing an inclusive environment for its workforce. As an employer, we provide equal opportunities to all people regardless of their gender, marital or civil partnership status, race, religion or ethnicity, disability, age, sexual orientation or nationality.
