Cyber Defence Analyst

Overall Summary
At Close Brothers we look to recruit individuals from all different backgrounds and encourage you to apply even if you don't tick every box. We celebrate diversity, promote inclusivity and are open to discuss flexible work options to help you balance your work and home life. Vacancies are available on a part-time, job-share or full-time basis because we know the best person for the job isn't always available full-time. Our aim is to facilitate requests wherever possible and managers will consider requests on an individual basis.

Join the Close Brothers Security and Resilience Team where you will protect the business from the impact of cyber threats. Working as part of the Security and Resilience team our ideal team member will have previous experience in continuous security monitoring, cyber incident response, and detection engineering with excellent attention to detail and analytical thinking skills.

Responsibilities

• Triage and resolve security alerts in line with agreed procedures and playbooks.
• Triage and respond to phishing reports.
• Resolve security requests from end users in a timely manner, such as assessing and unblocking emails and websites.
• Identify and implement tuning to support the maintenance of detection use cases.
• Support the introduction of new detection use cases.
• Support the introduction of new SOAR automation playbooks.
• Develop and review standard operating procedures (SOPs), playbooks, and runbooks.
• Conduct ad-hoc analysis of security event data to identify threats.

WE WOULD LOVE TO HEAR FROM YOU IF YOU HAVE:

• Previous experience working in a security analyst role in a fast-paced security operations team.
• Experience creating, documenting, and following cyber incident response plans.
• Experience using SIEM technologies to identity and respond to security events, search through security event data, and to create, test, and tune detection use cases.
• Experience with a variety of other cyber security technologies and tools, such as: EDR/AV; IDS/IPS; SOAR; email and web filtering.
• Excellent and up-to-date knowledge of IT infrastructure (hardware, databases, operating systems, networking devices etc) and cyber security controls around them.
• Excellent attention to detail and analytical thinking skills.

IT IS NOT ESSENTIAL BUT IT WOULD BE GREAT IF YOU HAVE:

• Experience working in a SOC within the financial sector.
• Experience of administering SIEM and SOAR technologies.
• Knowledge of Digital Forensics techniques and processes.
• Knowledge of public cloud technologies (e.g. AWS; Azure)
• Knowledge of industry data security legislations and cyber security law.
• Knowledge of programming languages, such as Bash, PowerShell, JavaScript and Python.

We are an inclusive organisation and committed to ensuring our recruitment process is as accessible as possible to everyone. We will make adjustments for people who have a disability or long-term condition. If you need the job description or application form in an alternative format or would like to discuss the recruitment process with us, please email us at or request a call back.

About Us
At Close Brothers we support employees to balance their work life priorities and in this role you will be able to enjoy a mixture of hybrid working.

Close Brothers is a leading UK merchant banking group providing lending, deposit taking and securities trading. We employ approximately 3,000 people, principally in the United Kingdom and Ireland. Close Brothers Group plc is listed on the London Stock Exchange and is a constituent of the FTSE 250.

To find out more about Close Brothers, please visit our careers page:

To find out more about life at Close Brothers:

To find out more about our benefits:

To find out more about our commitment to creating an inclusive environment:
Our Responsibility - Diversity and inclusion ¦ Close Brothers Group