86 Senior Security Analyst jobs in London

CYBER SECURITY ANALYST | SECURITY OPERATIONS CENTER |HIGH THREAT GOVERNMENT

Summer-Browning Associates is supporting our client in the Central Government who is seeking a Cyber Security Analyst for an initial 12-month assignment, with the possibility of extension.

Location: London | Hybrid| Remote

The ideal candidates will possess an active DV Security clearance and have a solid background in Cyber Security, with the following skills and experience:

• Proficiency in Security Information and Event Management (SIEM), including tools such as Splunk, Defender, and Tenable Threat Modelling System solutions, as well as with IDS/IPS and vulnerability scanners.
• Experience in SOC operations, incident response, and forensic analysis.
• Ability to perform triage of security events to determine their scope, priority, and impact, while making recommendations for efficient remediation.
• Experience in network security principles, firewalls, and access control mechanisms.
• Preferred Qualifications: - Industry certifications such as CompTIA Security+, CISSP, CISM, CEH, or GIAC are highly desirable.

To apply, please submit your latest CV for review.

Cyber Security Analyst

- Permanent full time role

- Salary up to £57k plus London travel paid

- Based in West London (hybrid working - 3 days a week in the office)

- Large business with genuine opportunity for progression

A large West London based company is looking for an experienced Cyber Analyst/Engineer to join its IT function.

Duties will include:

- BAU cyber vulnerability management and incident response

- Cyber security projects and working with the wider group/external vendors to deliver security requirements

- Focus on delivering Cyber Essentials Plus and ISO27001

- Network and data security monitoring

- Responding to tickets and working with teams on access, malware and vulnerability

- Support ongoing improvements to internal defence

- Oversee policies and procedures

- Audits

To be considered suitable you will need the following skills and experience:

- Experience in either a Cyber Analyst or Cyber Engineer role

- SC Cleared/Clearance

- Experience in network audits and penetration testing

- Previous experience of delivering Cyber Essentials Plus

- Knowledge of security frameworks

- Generalist IT security background

- Strong communication skills

• Monitor security alerts and events from various sources, including SIEM, IDS/IPS, and endpoint protection platforms.
• Investigate and respond to security incidents in a timely and effective manner, including root cause analysis and remediation.
• Conduct regular vulnerability assessments and penetration tests to identify security weaknesses.
• Develop and maintain security documentation, including policies, standards, and guidelines.
• Collaborate with IT and development teams to integrate security best practices into the software development lifecycle.
• Stay abreast of the latest security threats, trends, and technologies.
• Provide security awareness training to employees.
• Contribute to the continuous improvement of the information security program.
• Participate in security audits and compliance reviews.
• Evaluate and recommend new security technologies and solutions.

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field (or equivalent practical experience).
• Proven experience (5+ years) in information security, with a focus on threat detection and incident response.
• Strong understanding of security frameworks such as ISO 27001, NIST, and GDPR.
• Experience with SIEM tools (e.g., Splunk, QRadar), EDR solutions, and network security technologies.
• Excellent analytical and problem-solving skills.
• Strong communication and interpersonal skills, with the ability to explain complex technical concepts to non-technical stakeholders.
• Relevant security certifications such as CISSP, CISM, or GIAC are highly desirable.

• Conduct comprehensive security risk assessments and vulnerability analyses.
• Develop and implement security policies, standards, and procedures.
• Manage and monitor security information and event management (SIEM) systems.
• Respond to and investigate security incidents, providing detailed post-incident reports.
• Collaborate with IT teams to ensure security is integrated into system design and deployment.
• Oversee the implementation of security awareness training programs for employees.
• Stay abreast of the latest security threats, trends, and technologies.
• Manage third-party security risks and ensure vendor compliance.
• Contribute to the development and execution of disaster recovery and business continuity plans.
• Mentor junior security analysts and provide technical guidance.

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. A Master's degree is a plus.
• Minimum of 5 years of experience in information security, with a proven track record in risk management and incident response.
• In-depth knowledge of security frameworks (e.g., NIST, ISO 27001).
• Proficiency in SIEM tools, intrusion detection/prevention systems, and firewalls.
• Strong understanding of network security, cryptography, and cloud security.
• Excellent analytical and problem-solving skills.
• Ability to communicate complex security concepts to both technical and non-technical audiences.
• Relevant security certifications such as CISSP, CISM, or CEH are highly desirable.

Job purpose:

The security analyst will join a small security team for one of our clients in Central London. you will be a subject matter expert on all aspects of security to include mail security, web security, infrastructure security and end user device security.

The security analyst plays a key role in driving and improving and technology security at the organisation, providing expert advice and reliable guidance to a broad range of colleagues and stakeholders to achieve this.

Key Accountabilities:

• Proactively assess device and application logs for security vulnerabilities, as well as investigate causes and ultimately resolve or mitigate those vulnerabilities

• Lead and investigate security breaches and cyber incidents, providing timely resolution to agreed service level agreements/expectations

• Install Security updates/measures in line with best practices to ensure that the client is protected against the latest cyber security threats

• Work with third parties and internal teams to schedule proactive penetration tests, ensuring that vulnerabilities are resolved or mitigated

• Support the delivery of security training to all end users

• Regular monitoring of potential security risks externally and internally, provide clear expert advice and reliable guidance

• Manage regular security assessments of various key services

• Regularly assess key third party suppliers to ensure their security compliance

• Work with operational and delivery teams to ensure security design principles have been evaluated and adopted

• Provide clear expert advice and reliable guidance to end users on all things relating to cybersecurity

• Effectively collaborate with internal teams in relation to cybersecurity audits, including the resolution of outstanding actions

• Manage the creation and regular updating of Security policies

• A proactive approach to supporting a welcoming and respectful working environment for all colleagues at the organisation.

Knowledge, skills and experience

Essential:

• Relevant experience working as an effective Security Analyst

• Strong understanding of mail filtering technologies

• Strong understanding of Cloud infrastructure technologies, including encryption

• Demonstrable experience of working with Microsoft Sentinel, Defender and Purview

• Excellent understanding of security frameworks (NIST and Cyber Essentials)

• Ability to lead and manage third party providers

• Strong understanding of incident response processes and methodologies including leading and managing incidents

• Lead on root cause analysis, providing relevant documentation including recommendations

• indemonstrable experience of implementing a robust and trustworthy security configuration for various devices, ensuring that all security protocols are effectively set up to protect against unauthorised access and potential threats

• Proficient with SIEM, IDS/IPS, vulnerability scanners, and Azure security tools.

• Experience of leading on technical vulnerability assessments and regular penetration testing of IT systems and processes to identify potential vulnerabilities and provide recommendations for risk mitigation

• Experience in testing and reviewing new security solutions

• A strong commitment to supporting of diversity, inclusion, respect and dignity in the workplace