TITLE: Cyber Security Analyst DEPARTMENT: Cyber Security, Information Technology REPORTS TO: Cyber Security Manager WORK PATTERNS: Mon-Fri, 9am-5:30pm (not inc. Bank Holidays) MAIN PURPOSE OF POST: The Cybersecurity Department at London Luton Airport provide support for all electronic communications systems at the site, as well as taking a leading role in delivering technology change / improvement projects and managing external support agreements. The Cyber Security Analyst is required to focus on the detection, investigation and response to cyber security events and incidents. Other tasks involve BAU security tasks, supporting cyber security projects and assisting with regulatory compliance. The role will involve using a diverse security toolset and the successful applicant will build extensive experience in all areas of cyber security.
DAILY TASKS WILL INVOLVE THE FOLLOWING: Endpoint monitoring and analysis. Incident readiness and handling as part of the Computer Security Incident Response (CSIRT) team. Monitor and administer Security Information and Event Management (SIEM). Malware analysis and forensics research. Understanding/ differentiation of intrusion attempts and false positives. Investigation tracking and threat resolution. Vulnerability identification & mitigation / remediation. Compose security alert notifications. Help develop cyber security process & procedures. Advise incident responders & other teams on threat. Triage security events and incidents apply containment and mitigation/remediation strategies. Generate reports and document security incidents / events. Proactively monitoring the performance of systems, and make regular routine inspections of installed equipment and take corrective avoidance actions to prevent wider problems. Act as the point of escalation for the Service desk for security related tickets. Analysis of weekly vulnerability scans and update relevant records. Responsibility for the health, safety and wellbeing of yourself and colleagues in the workplace; supporting our journey to create an open and honest wellbeing culture at LLA. KEY REQUIREMENTS FOR THE ROLE Essential A well organised and structured approach to work planning, time allocation to tasks, and a flexible approach to daily routines to deliver the desired results. An ambition to constantly learn new skills and develop knowledge, with an understanding that study time outside of working hours may be required for career development. Credible knowledge/experience in Microsoft Windows Operating Systems. Credible knowledge/experience of Active Directory, Group policies, TCP/IP, DNS, DHCP and Exchange Server. Capable of effectively multi-tasking, prioritizing work, and handling competing interests. Capable of analysing information technology logs and events sources preferred. Working knowledge of data storage systems, data backup and restoration methods. Understanding of security tooling, its purpose and functionality (Anti-Malware, IPS, Web and Email Gateways, security analysis tools, web security tools, next generation firewall/UTMs). A team player with good work ethic, communication skills and a professional who maintains customer-service based approach. Ability to work independently while managing support to a high standard. Contribute credibly to IT department's delivery of SLAs and other support targets. Self-motivated to advance own knowledge & gain formal qualifications. Ability to analyse vulnerabilities, threats, designs, procedures and architectural design, producing reports and sharing intelligence. Advanced knowledge of computer forensics; legal, government and jurisprudence as they relate to cybersecurity; operating systems; and methods for intelligence gathering and sharing. Knowledge of Cloud computing, computer network defence, identity management, incident management and network security. Significant experience within a SOC environment Incident response experience. Qualification / Certification in Cyber Security. Desirable IT Qualifications / Certifications such as CompTIA A+, Network+, Security+. IT Helpdesk experience or knowledge • Cyber Security Operation Centre experience. Qualification / Certification in Cyber Security PERSON SPECIFICATION: Communication. Structures and conveys information and ideas effectively. Communicates to ensure they are understood by others, that they understand others and share information with colleagues at all levels. Customer Focus. Understands what the customer needs and then works to exceed their expectations and meeting their individual needs. Achieving results. Knows what needs to be achieved by when. Anticipates obstacles. Motivates self and others to overcome barriers and achieve results. Personal Responsibility & Credibility. Take personal responsibility for making things happen and achieving results, working with their line manager. Displays commitment, accountability and conscientiousness. Acts with integrity. Planning & Organising. Identifies a goal and puts in place a sequence of steps to ensure priorities are delivered on time, making effective use of resources. Team Focus. Develops effective working relationships inside and outside traditional boundaries to achieve organisational goals. Breaks down barriers between groups and involves others in discussions and decisions