Cyro Security Analyst

Location: Hybrid - London / Warwick / Home
Type of Job: Permanent
Ref No: V11565

Cyro Cyber is looking for an enthusiastic, proactive Security Analyst with good, broad IT knowledge who is keen to learn and develop their skills.

Your duties will include monitoring networks, hosts and endpoints for malicious activity using Security Information and Event Management (SIEM) tools, Endpoint Detection and Response (EDR) tools, antivirus and malware detection tools, and email security systems. You will also help to extend and enhance this capability under the direction of the CSOC Senior Analyst. Other activities will include updating policy (including input into the wider CSOC strategy and policy), procedures and processes; please note these are illustrative examples. Input to, and ownership of, the formulation of policy and standards will be expected. Specific security tooling will be under your remit. You will need an understanding of common security controls so that guidance can be offered when an incident or event requires intervention.

Ideally you will have some of the following qualifications and/or experience:

  • CompTIA Network+, Security+, CASP+ or CySA+

  • Microsoft qualifications, e.g. AZ-900, SC-900, SC-200

  • A Security or SOC-related security qualification or apprenticeship, such as Cisco Certified CyberOps Associate or the Cyber Technologist L4 Apprenticeship

  • Experience with Sentinel, PowerShell, M365, Intune, MS Dynamics, Tenable

You will be required to hold, or go through, SC vetting.

Role Profile

Working within CSOC, this key function supports the group in providing a monitoring, detection and incident response capability across the entire Cyro digital estate. 

As an Analyst/Security Engineer, you will provide monitoring, detection and response activities in the Cyro Cyber Security Operations Centre (CSOC). The CSOC's work underpins organisational cyber, security and IT governance policies, plans and standards.

You will be required to go through Security Vetting to at least SC level if you do not already have this. 

Responsibilities:


You will have relevant work experience in cyber security operations, specifically monitoring, detection and incident response duties, and experience using at least some of the tools related to EDR, DNS and email security, as well as working with IoCs.

Typical Deliverables  

The key deliverables of this role are as follows:  

  • Timely and accurate monitoring of events within the Cyro estate, using the available tools.

  • Clear communication of incident issues in keeping with Cyro processes.

  • Initial triage, investigation and incident response.

  • Understanding, and making a judgement on, how and when to escalate detected incidents.

  • Responsibility for your own professional development.

  • Ensuring all investigative activity is properly documented in our ticketing systems and followed up with relevant support teams. 

  • As a CSOC Analyst, some out-of-hours support is to be expected. A rota between team members is used to ensure 24x7x365 cover is provided for the business.

Requirements:

Minimum of 1–2 years' experience in a SOC or CSOC environment, or using security tooling.

Some experience in other aspects of IT and a basic understanding of business processes is preferred.

Background ideally within Rail, the Public Sector, HMG or Critical National Infrastructure (CNI).

  • Some knowledge and understanding of, and experience in, IT security

  • Relevant experience in a Security Operations environment or similar

  • Understanding of networking protocols, routing and firewall functionality

  • Hands-on experience with security technologies, including:

    ◦ Network mapping and analysis tools – nmap, Wireshark etc.

  • Some experience with scripting tools such as Python, Bash or PowerShell

  • Understanding of Windows and Linux operating systems

  • Some understanding of penetration testing tools and techniques 

  • Strong understanding of TCP/IP and underlying network protocols  

  • Knowledge of current trends and developments in information technology 

  • Strong interpersonal and communication skills 

  • Experience in developing procedures and processes 

Desirable Qualifications & Skills:

Desirable background and/or qualifications such as: CompTIA Network+, Security+, CASP+ or CySA+

Or Microsoft qualifications, e.g. AZ-900, SC-900, SC-200

Or at least one IT, Security or SOC-related security qualification or apprenticeship, such as Cisco Certified CyberOps Associate or the Cyber Technologist L4 Apprenticeship.

Experience with the following SecOps processes and tools is desired:

  • EDR Solutions 

  • Email investigations – ability to search for and purge malicious email and content

  • Basic malware analysis – static and dynamic analysis

  • Event log analysis (preferable)

  • DNS investigations and blocking

  • Privileged Access Management (PAM) solutions

  • Familiarity with threat intelligence sources

  • Basic threat hunting

  • MS Endpoint Management 

  • MS Sentinel 

  • MS Azure 

  • MS 365 

  • Tenable 

Excellent Employee Benefits:

Cyro is committed to offering industry-leading career opportunities, salary and benefits packages. Join us and you can expect to receive:

  • 25 days holiday, including public holidays, plus the option to buy or sell five days each year

  • Company pension scheme

  • A range of family-friendly policies

  • An employee-funded car leasing scheme

  • Occupational health support

  • Cyro Rewards Scheme

So why choose Cyro for your next opportunity?

  • To build, run and maintain a successful compliance programme, you need a connected approach – a team you can trust from strategy to support, and everything in between. At Cyro, this is what we do!

  • As part of our team, you could be working with some of the biggest names in the Critical National Infrastructure and Service Provider sectors, including London Underground, Network Rail, Transport for London, RNLI, MOD and Virgin Media. You'll help us ensure the most important messages get through – however tough the conditions.

  • Here are just some of the ways we're different:

    ◦ You'll go further with us. We understand the importance of career development and will give you all the support you need to realise your potential. You'll receive formal training, e-learning and mentoring from top professionals. And we offer opportunities to transfer to other sectors – or even different technology areas.

    ◦ You'll make a difference. You could be working outdoors, battling the elements, or in one of our many offices helping us develop the network infrastructures of tomorrow.

    ◦ You'll be treated as an individual. We're not a vast corporation, which means every individual counts. With us, you'll be valued and supported, involved and empowered from day one.

    ◦ You'll be well rewarded. We offer salary progression that reflects market rates and personal performance, a flexible working environment and excellent training.

We reserve the right to close this vacancy once we have received sufficient applications.

Cyro is an equal opportunities employer and is committed to diversity and inclusion.

This job description sets out the duties and responsibilities of the job at the time it was drawn up. Such duties and responsibilities may vary from time to time without changing the general character of the duties or the level of responsibility entailed. Such variations are a common occurrence and cannot in themselves justify a reconsideration of the grading of the job.