Senior Cyber Security Analyst

The IT department has approximately 60 staff globally, located in London, Paris, Piraeus, Dubai, Hong Kong, Sao Paulo, Melbourne, Perth, Singapore, and Sydney. HFW’s Cybersecurity vision is to protect and strengthen the firm through delivering a global cybersecurity service that safeguards our global operations and data and enables the firm to achieve its wider strategic goals.

The role of the Senior Cyber Security Analyst is a new position in the firm, expanding its cybersecurity operations capacity and capability. The successful candidate will:

• Work with the cyber team and IT colleagues to ensure that systems and services are both secure and stable, enabling the firm to deliver outstanding service to its clients and achieve its wider strategic goals.
• Provide advice and guidance on information and cybersecurity operations to manage identified threats and risks and ensure adoption and adherence to standards.
• Ensure cybersecurity controls are being operated efficiently and effectively across the firm globally.
• Ensure that the firm remains resilient to evolving cyberthreats by providing continual service improvement.

Key responsibilities:

• Undertake efficient, effective and proactive day-to-day cybersecurity operations to minimise the risk of a security incident, enabling the firm to do business.
• Maintain the capability to react and respond to incidents in an effective and timely manner, minimising their impact to the firm.
• Provide expertise and cybersecurity requirements to the firm’s change programme to ensure that security good practice is fully embedded into change initiatives, and security by design principles are applied.
• Provide 3rd line support to the IT service desk, responding to support requests and incident tickets which have been triaged and escalated to the cybersecurity operations team, and provide out of hours support through participation in an on-call rota.
• Undertake routine monitoring of security alerts generated by systems and consumed by the cybersecurity team, investigating, analysing and responding to them as required.
• Co-ordinate and undertake regular reviews of security tools to ensure they are maintained in a fully operational state across all in-scope assets and are tuned to incorporate new features or changes to the operational environment.
• Co-ordinate and undertake threat modelling to identify and analyse potential security threats, and ensure the necessary controls are in place to manage the threat and associated risks.
• Co-ordinate and undertake regular threat hunting, analysing logs and event data across the firm’s systems, and procuring threat intelligence to inform the hunts.
• Provide technical leadership during security incident response, from identification through to containment, eradication, recovery and post-incident review, reporting and recommendations; liaising with external IR providers as required.
• Maintain Incident response playbooks and undertake regular IR exercises.
• Ensure that the internal team and managed service security providers have clear roles and responsibilities, and services are joined up and operated seamlessly.
• Ensure that the day-to-day operations of the wider IT systems are compliant with the firm’s security policies and standards.
• Conduct risk assessments and recommend security improvements.
• Provide guidance on secure configuration and hardening the security of systems.
• Manage penetration testing activities conducted by third-party testers and any remediation activities required.
• Fulfil 3rd line support and service request tickets.
• Develop, document and maintain security procedures and cybersecurity operational documentation.
• Oversee and drive vulnerability management activities with the technical systems owners.
• Ensure audit trails, system logs and other monitoring data sources are reviewed regularly, and are following policies and audit requirements.
• Provide out-of-hours support for security incidents.
• Any other ad hoc duties as and when required.

Key skills & experience required:

• 5+ years’ experience in cybersecurity or information security.
• Bachelor’s Degree in Cybersecurity, or similar, Industry certifications such as CompTIA Security+, GIAC, CISM, CISSP or other relevant certification preferred.
• Strong understanding of network and end-point security, incident response, threat intelligence, and vulnerability management.
• Experienced with security tools such as SIEM platforms, EDR/XDR solutions, firewalls, IDS/IPS.
• Strong knowledge of Microsoft Azure cloud security technologies and concepts.
• Familiar with cybersecurity frameworks such as NIST CSF, ISO27001, CIS Controls.
• Strong analytical and problem-solving skills.
• Good understanding of best practice security operations and architectures.
• Knowledgeable on security and data protection legislations and regulations, and the security requirements resulting from them.
• Resilient, and able to work effectively and prioritise correctly in high pressure situations.
• Broad knowledge of Information Security, IT and industry best practices.
• Ability to work well under minimal supervision.

Equal opportunity:

HFW aims to ensure equality of opportunity, and we are actively working towards improving the diversity of our staff. All applications will be considered only on merit and the applicant’s suitability to meet the requirements of the role. HFW collects and processes personal data relating to job applicants to manage its recruitment process. The firm is committed to being transparent about how it collects and uses that data and to meeting its data protection obligations. For information on how the firm will process your data, please see our Privacy Notice on our website.