At a Glance
- Tasks: Join our team to manage vulnerabilities and enhance cyber security across the organisation.
- Company: Dynamic company focused on cutting-edge cyber security solutions.
- Benefits: Work from home, competitive salary, and opportunities for professional growth.
- Other info: Collaborative environment with exposure to the latest security technologies.
- Why this job: Make a real impact in protecting organisations from cyber threats.
- Qualifications: Experience in Information Security and strong understanding of vulnerability management.
The predicted salary is between 70000 - 90000 £ per year.
Our client is seeking an Information Security Analyst to join their cyber security function, with a strong focus on vulnerability management, assurance and compliance. Reporting into the Head of Information Security, this role plays a key part in identifying, assessing and reducing cyber risk across the organisation, working closely with internal technology teams, managed service providers and third-party security partners.
Key Responsibilities
- Manage vulnerability management and remediation activities across applications and infrastructure
- Coordinate penetration testing, remediation and assurance activities with third parties
- Support ongoing PCI DSS compliance, including assessments, evidence and control testing
- Configure and operate security tools, including vulnerability scanners and endpoint protection
- Monitor and respond to security incidents, escalating to SOC teams where required
- Conduct security risk assessments, audits and contribute to risk management frameworks
- Implement security policies, procedures and develop operational playbooks
- Act as a key security point of contact for internal teams, MSPs and security partners
Experience:
- Proven experience in Information Security, Vulnerability Management or Security Operations
- Strong understanding of vulnerability assessment, patch management and remediation processes
- Knowledge of secure web application principles (OWASP Top 10, SANS 25)
- Experience with application and infrastructure security, including: Firewalls, Web & Email Security, AD / Group Policy, MFA, DMARC, DKIM, SPF
- Good understanding of network and cloud security concepts (DMZ, TCP/IP, Cloud platforms)
- Solid awareness of current cyber threats, risks and mitigation techniques
Desirable:
- Experience supporting PCI or other regulatory compliance frameworks
- Exposure to managing penetration testing programmes end-to-end
- Ethical hacking or information security certifications (e.g. CISSP, CCSP, Microsoft Security)
- Experience with Microsoft Azure, Office 365, Endpoint or Cloud Security tooling
Please apply now if you are meeting the above criteria or contact Andrew Harrison directly.
Skills: InfoSec, Cyber Security, Vulnerability, Compliance, Application, Infrastructure
Benefits: Work From Home
Information Security Analyst employer: Ocho
Our client is an exceptional employer, offering a dynamic work culture that prioritises collaboration and innovation within the cyber security domain. With a strong commitment to employee growth, they provide ample opportunities for professional development and training in cutting-edge security practices, all while supporting a flexible work-from-home policy that enhances work-life balance.
StudySmarter Expert Advice🤫
We think this is how you could land Information Security Analyst
✨Tip Number 1
Network like a pro! Attend industry meetups, webinars, or even local coffee chats. The more people you know in the cyber security field, the better your chances of landing that Information Security Analyst role.
✨Tip Number 2
Show off your skills! Create a portfolio or GitHub repository showcasing your vulnerability management projects or any security tools you've configured. This gives potential employers a tangible look at what you can do.
✨Tip Number 3
Prepare for interviews by brushing up on common security scenarios and compliance questions. Practise articulating how you've handled past security incidents or managed vulnerabilities to demonstrate your expertise.
✨Tip Number 4
Don't forget to apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, we love seeing candidates who are proactive about their job search!
We think you need these skills to ace Information Security Analyst
Some tips for your application 🫡
Tailor Your CV:Make sure your CV is tailored to the Information Security Analyst role. Highlight your experience in vulnerability management and compliance, and don’t forget to mention any relevant certifications you have. We want to see how your skills match what we're looking for!
Craft a Compelling Cover Letter:Your cover letter is your chance to shine! Use it to explain why you're passionate about cyber security and how your background makes you a great fit for our team. Keep it concise but impactful – we love a good story!
Showcase Relevant Experience:When filling out your application, be sure to showcase your experience with security tools and vulnerability assessments. Mention specific projects or achievements that demonstrate your expertise. We’re keen to see how you’ve tackled challenges in the past!
Apply Through Our Website:We encourage you to apply through our website for the best chance of getting noticed. It’s super easy and ensures your application goes straight to us. Plus, you’ll get to see more about our culture and values while you’re at it!
How to prepare for a job interview at Ocho
✨Know Your Vulnerabilities
Make sure you brush up on your knowledge of vulnerability management and remediation processes. Be ready to discuss specific tools you've used, like vulnerability scanners, and how you've applied them in past roles. This will show that you’re not just familiar with the concepts but have practical experience.
✨Understand Compliance Inside Out
Since the role involves supporting PCI DSS compliance, it’s crucial to understand the requirements thoroughly. Prepare to talk about your experience with compliance frameworks and any assessments you've conducted. This will demonstrate your ability to contribute effectively to the organisation's compliance efforts.
✨Showcase Your Technical Skills
Be prepared to discuss your technical skills in areas like firewalls, web security, and cloud security concepts. Highlight any relevant certifications you hold, such as CISSP or CCSP, and be ready to explain how you've applied these skills in real-world scenarios.
✨Communicate Clearly and Confidently
As a key point of contact for internal teams and third-party partners, strong communication skills are essential. Practice articulating your thoughts clearly and confidently, especially when discussing complex security topics. This will help you stand out as a candidate who can bridge the gap between technical and non-technical stakeholders.
