Security Analyst in Cardiff

This job is with Lewis Silkin LLP, an inclusive employer and a member of myGwork – the largest global platform for the LGBTQ+ business community.

About the Team:

This role sits within the Technology team which comprises 50 plus technology specialists based in our London, Cardiff, Manchester and Belfast offices. Our role is to deliver industry-leading technology solutions for our clients, our staff and our communities, underpinning the firm’s future products and services to enable business growth and enhance profitability. You will be part of our Security team, whose mission is to enable the success and security of the firm and its clients by establishing the culture, technology, and practices necessary to protect against threats.

About the Role:

This role is central to the day-to-day operation of the firm’s security function, helping to identify, investigate and respond to security incidents and risks identified through our systems and processes. The Security Analyst will also support the implementation of new security solutions, contribute to the development and maintenance of policies, standards, baselines, guidelines and procedures, and assist with vulnerability assessments and audits. This is an excellent opportunity for someone who is proactive, curious and committed to helping the firm maintain a strong and resilient security posture.

Key Responsibilities

• Maintain the operational configuration of all in-place security solutions in line with established baselines.
• Monitor security tools and services to ensure they are operating effectively and appropriately.
• Review logs and reports from security tools, workstations, servers and network devices, interpret activity, and help drive appropriate remediation actions.
• Support investigations into suspicious or problematic activity and assist with incident response as required.
• Contribute to vulnerability assessments, penetration testing activities and security audits.
• Provide support and guidance to end users and act as an escalation point for the Service Desk on security tools, best practice, and firm policies and procedures.
• Complete client and supplier security surveys as required, ensuring records and supporting documentation are kept accurate and up to date.

Strategy & Planning

• Support the planning and design of the firm’s security architecture, under the direction of the Security Manager, where appropriate.
• Contribute to the development and maintenance of security documentation, including policies, standards, baselines, guidelines and procedures.

Acquisition & Deployment

• Maintain a strong understanding of the Technology security landscape, including new and emerging threats, revised security solutions, and evolving best practice.
• Recommend enhancements or additional security solutions that help strengthen the firm’s overall security posture.
• Assist with the deployment, integration and configuration of new security solutions, as well as improvements to existing tools, in line with legal, regulatory and industry best practice and the firm’s security policies and procedures.

About You:

Our ideal candidate will be able to demonstrate:

• Experience with Microsoft Defender or similar endpoint anti-virus solutions.
• Experience with Mimecast or similar email security platforms and understanding of SPF, DMARC and DKIM.
• Experience with Zscaler or similar endpoint proxy solutions.
• Good understanding of Cyber Essentials and ISO27001.
• Desired certification - Comptia CySA + and Microsoft Security Operations Analyst Associate.
• A flexible, self-motivated approach and the ability to learn quickly in a varied role.
• Experience of incident response.
• Strong organisational skills, with the ability to meet deadlines and adapt to changing priorities.
• The ability to develop new skills and knowledge quickly when facing new challenges.
• Excellent attention to detail and a methodical approach to maintaining a high-quality service.
• Excellent verbal and written communication skills.
• A collaborative mindset, with confidence in asking questions and seeking information to deliver responsibilities effectively.
• The ability to work effectively as part of a team to support the wider Technology service.
• A willingness to work out of hours when required, sometimes at short notice.
• The ability to assess business issues and translate them into technology requirements.

Additional Information:

At Lewis Silkin our ethos is simple. We strive to do the best for our clients, our people and the communities in which we operate. We recognise that an inclusive workplace allows for all kinds of ideas and thoughts, a variety of points of view that can trigger discussions or deliver innovative results, and a wide range of versatile skills and expertise. We are proud of the diversity within Lewis Silkin and of our culture that allows people to be themselves at work, ensuring we provide the best possible service to our clients. We are committed to supporting candidates throughout the recruitment process by supporting anyone who requires adjustments, in order to ensure they have the opportunity to perform at their best. All applicants will be considered equally and fairly. If you’d like to request any adjustments throughout the recruitment process, or would like to discuss flexible working patterns, please email the recruitment team in confidence (recruitment@lewissilkin.com).