Senior Security Analyst

DescriptionAbout the Role :Working in the Information Security team you will focus on Incident Response across the Next technology estate with a particular focus on our Warehouse environment responding to and investigating events generated by our security controls. You will work closely with Information Securitys Vulnerability Management Team and other teams located at the warehouse Focussing on the warehouse specific technologies and identifying control and monitoring gaps among that technologyYou will be responsible for identifying improvement areas in processes whether through Automation or Process driven. You will ensure that Security Incidents are promptly identified contained and eradicated working closely with IT our security partners and the wider business to do so.The successful candidate will be monitoring our SIEM and SOAR alongside other security controls to identify potential threats and then use all of the controls and resources at their disposal to determine what steps need to be taken to contain and eradicate confirmed threats.Where necessary you will ensure that any forensic evidence is correctly captured and stored in case it is required for future reference. Following an incident you will work with other teams involved to identify opportunities to improve our controls and processes making recommendations for addressing any lessons learned and implementing where appropriate. They will act as an escalation point for members of the team to upscale higher severity and higher complexity incidents to.You will also be expected to maintain an awareness of the changing threat landscape and industry standards. Proactively work with Vulnerability Management and Engineering to identify control gaps and alert opportunities to improve the security of our environment.The role involves participating in a shift and call out rota to help ensure our environment is monitored and supported on a 24x7 basis.A monthly visit to the Enderby Head Office in Leicester is required with additional visits scheduled as needed by the business or management.Key ResponsibilitiesContinuously monitor Nexts technical security controls in order to promptly identify and investigate potential threats.Respond to Security Incidents ensuring prompt containment and recovery.Carry out forensic investigations following security incidents.Ensure all investigations and incidents are accurately logged and managed in our ITSM tool.Participate in lessons learned meetings and make recommendations for improvements to controls or processes ensuring these are implemented where agreed.Liaise with other IT Teams business areas and 3rd Parties to aid in incident investigations and response.Ensure continuous awareness of new and emerging threats and understand the TTPs and their relevance to the Next environment.Identify false positives and tuning requirements for security controls and work with the Security Engineering team to implement improvements.Work with our Security Engineering and Vulnerability & Threat Management Team to test our controls and processes in order to proactively identify opportunities for improvement.Create and maintain operational procedures and technical documentation.Manage and maintain metrics and reporting to ensure the security threats and trends impacting our business are understood.About you: EssentialProven Information Security experience with a good understanding of analyst investigations.Strong analytical and troubleshooting skills within Windows and Linux environmentsUnderstanding of Information Security including malware emerging threats attacks and vulnerability management.A team player who is hardworking and self-motivated.Excellent attention to detail.Ability to remain calm under pressure and clearly communicate to all levels of management.Understand and operate change management processes.Experience using configuring and maintaining common security tools such as EDR IDS / IPS SIEM SOARExperience working in a Security Operations Centre.DesirableRelevant industry recognised security qualification (i.e SANS 503 CySA Security).Experience with security or compliance standards such as PCI-DSS or ISO27001.Understanding and experience of working for a Retail company.Experience with Regex ScriptingExperience working in an Infrastructure or Network Operations CentreExperience conducting Digital Forensics investigationsUnderstanding of Cloud based infrastructureExperience with Warehouse Processes and TechnologiesRequired Experience:Senior ICKey SkillsSecurity Management,Sensitive Information Management,Pressure Management,Risk Analysis,Access Control,Safety Procedures,Security Measures,Security Training,Risk Assessment,Access Point,Security Checks,Detect Signs,Safe Environment,Security System,Security ReportsEmployment Type: Full-TimeExperience: yearsVacancy: 1 #J-18808-Ljbffr