3rd Line Security Analyst
Operations Resources Limited
Wales, England, United Kingdom

This job offer is no longer available


About

Job Title: Level 3 Security Analyst Incident Response & Vulnerability Management
Department: Service Delivery / Security
Reporting To: Security Lead / Service Delivery Manager
Operates under the direction of the Incident Manager during security incidents
Location: UK (Hybrid). Office in Cardiff 1-2 days per week, regular client site travel.
Working Pattern: Monday to Friday with participation in the on-call Security and Major Incident rota as required

Role Purpose

The Level 3 Security Analyst is responsible for the technical investigation, containment, remediation, and resolution of IT security incidents and vulnerabilities across a complex, multi-site customer estate supported by the MSP.
The role acts as a senior technical authority for security incidents, working alongside Incident Management, Infrastructure, Network, and Application teams to ensure security issues are resolved end-to-end, correctly documented, and do not reoccur.

Key Accountabilities: Security Incident Investigation & Response

  • Act as the technical lead for the investigation of security incidents across supported platforms.
  • Investigate malware, ransomware, account compromise, unauthorised access, suspicious activity, and security misconfiguration.
  • Perform detailed root cause analysis across endpoint, identity, network, and application layers.
  • Advise the Incident Manager on incident scope, impact, containment, eradication strategy, and recovery validation.
  • Drive incidents through to full technical resolution, not temporary mitigation.

Key Accountabilities: Vulnerability Management

  • Investigate vulnerabilities identified via scanning platforms, endpoint and cloud tooling, supplier disclosures, and audit activity.
  • Assess risk based on exploitability, exposure, and operational impact.
  • Own remediation actions end-to-end, coordinating with Infrastructure, Network, and third-party suppliers.
  • Validate remediation and ensure appropriate evidence is captured for assurance and audit.

Platforms & Technology Scope

  • End-user devices including Windows, macOS, tablets, and peripherals.
  • Microsoft 365 including Entra ID, Exchange, SharePoint, Defender, and endpoint protection.
  • Identity and Access Management including privileged and service accounts.
  • On-premises and cloud-hosted servers.
  • Network infrastructure including firewalls, switches, wireless, and WAN connectivity.
  • Cloud-hosted and supplier-managed applications.

Documentation, Audit & Continuous Improvement

  • Produce clear, technically accurate documentation covering incidents, root cause analysis, and corrective actions.
  • Support governance, customer assurance, and audit requirements.
  • Contribute to post-incident reviews and lessons learned.
  • Identify recurring issues and recommend long-term improvements.
  • Ensure incidents and vulnerabilities are correctly logged and tracked within ITSM systems.

Collaboration & Escalation

  • Work closely with Incident Managers, Security specialists, and Level 3 Infrastructure and Network teams.
  • Act as a senior escalation point for Level 1 and Level 2 teams.
  • Engage third-party suppliers to progress investigation and remediation.
  • Participate in out-of-hours response as required.

Knowledge, Skills & Experience: Essential

  • Proven experience in a Level 3 or Senior Security Analyst or Incident Response role.
  • Hands-on experience investigating and resolving incidents across endpoints, identity platforms, networks, and cloud services.
  • Strong understanding of malware and ransomware response, identity compromise, and vulnerability remediation.
  • Experience working within formal Security Incident and Major Incident processes.
  • Strong written documentation and stakeholder communication skills.

Knowledge, Skills & Experience: Desirable

  • Experience supporting multi-site or operationally sensitive environments.
  • Familiarity with Defender, SIEM, EDR, and vulnerability management tools.
  • Understanding of regulated or PCI-adjacent environments.
  • Relevant security certifications or equivalent experience.

Behavioural Competencies

  • Takes ownership from detection through to resolution.
  • Investigates thoroughly and challenges incomplete fixes.
  • Calm, methodical, and decisive during live incidents.
  • Understands operational and business impact.
  • Professional and confident when engaging customers and suppliers.

Decision Making & Authority

  • Makes technical decisions relating to investigation, containment, and remediation of security incidents.
  • Escalates risk and decision points appropriately to Incident Management and Service Delivery leadership.

Key Interfaces

  • Incident Management
  • Security Operations
  • Infrastructure and Network Services
  • Third-party suppliers
  • Customer stakeholders via structured incident communications

Languages

  • English