Cyber Security Specialist - Analyst in Manchester

As a Cyber Security Analyst you will ensure that the business is protected against cyber security threats and that data is always kept secure. This will mean proactive planning, rapid responses to all security threats and incidents and serving as an escalation point for the other members of the team. You will work collaboratively with the business and wider IT team to provide governance and security for existing and new services. You will carry out cyber security operations including threat monitoring and incident prevention/response, as well as supporting the implementation of new cyber security technologies. It is an exciting time to join the business as part of the IT & Cyber Security activity transformation programme. You can expect a positive and inclusive working environment, training and development opportunities, and excellent holidays and benefits. In addition, we will provide an environment that supports a healthy work life balance.

Main Responsibilities:

• Take full ownership of incidents escalated by Analyst level 1 or the SOC and control quality of actions performed.
• Investigate and analyse cybersecurity incidents and follow up action plans.
• Develop and expand tools supporting day to day cyber security operations activities and capabilities.
• Assist the modelling of new attack scenarios.
• Coordinate regional cyber response activities with IT and business stakeholders, and contribute to global cyber response activities as needed.
• Build response instructions and execute level 2 containment measures, document processing of incident within the incident orchestration solution (SOAR).
• Monitor APT (threat detection, reporting, contextualisation).
• Perform hunting activities based on information collected by the Analysts and the Cyber Threat Intelligence.
• Complete cyber forensics activities when required (threat scenarios, malware analysis, etc.).
• Work during on call.

The Ideal Candidate:

• Learn through experimentation when tackling new problems, using both successes and failures as learning fodder.
• Experience of working and partnering with other technology teams to resolve cyber security incidents.
• Experience of communicating effectively technical information to a technical audience without expertise.
• Experience of communicating effectively technical information and articulate risks to non-technical audience and senior management in crisis situations.
• Experience of performing threat hunting and digital forensic on computers, servers or network assets.
• Demonstrated experience of strong knowledge in information security principles (security principles applied to architecture, network & systems, cyber forensic, security risk assessment, software development).
• Actionable knowledge of MITRE ATT&CK framework.
• Knowledge of NIST framework and OWASP.
• Solid understanding of exploitable vulnerabilities and remediation techniques.

• Experience of penetration testing is a strong plus.
• Experience in automating manual processes for responding to cyber security incidents is a strong plus.
• Experience of Threat Intelligence and CERT/CSIRT activities is preferred.
• Experience of SOAR is preferred.
• Experience of developing scripts (Python, REGEX, Powershell, Shell, etc.) quickly in reaction to incidents or for proof of concept is preferred.
• GIAC certification (eg GCFA, GREM or GNFA) is a plus.

Working with Sodexo is more than a job; it’s a chance to be part of something greater. You’ll belong in a company and team that values you for you; you’ll act with purpose and have an impact through your everyday actions; and you’ll be able to thrive in your own way.

Ready to be part of something greater? Apply today!