Cyber Security Analyst

Job Description

Cybersecurity analyst with a focus on GRC and setting up as well as running a SOC Job summary We’re offering an exciting opportunity to join our rapidly growing Cyber Security Practice as a Cyber Security Analyst specialising in Governance, Risk, and Compliance (GRC) and in Security Operations Centre (SOC) activities. You’ll work on a project in the energy sector. With over a decade of industry experience, you’ll help build trusted relationships and play a key part in strengthening our client’s security postures. This job contains a GRC part and a SOC part. What you’ll be doing for the GRC part of this job: Delivering high-quality consultancy in NIST CSF, ISO 27001, GDPR, and Cyber Essentials/Cyber Essentials Plus and other Cyber Security Frameworks. Performing risk assessments, gap analyses, and maturity reviews aligned to recognised security frameworks. Develop a risk assessment framework for a client. Providing advisory and hands-on support in developing and improving clients’ Information Security Management Systems (ISMS) and Cyber Security Posture. Supporting clients with certification readiness, internal audits, and remediation activities. Leading client engagements and building long-term relationships with key stakeholders. What you’ll be doing for the SOC part of this job: Be able to setup the client with an external and / or internal SOC. Be responsible for monitoring, analyzing, and responding to security incidents. · Monitoring and responding to alerts. · Escalating alerts where necessary. · Proposing tuning requests. · Producing reports. · Maintaining awareness of the latest threats and vulnerabilities. Here's what we're looking for: Demonstrable experience in a GRC consultancy or senior security role, ideally within a service provider or large organisation. Proven knowledge and application of NIST CSF, ISO 27001, GDPR, and Cyber Essentials frameworks. ISO 27001 Lead Auditor and/or Implementer certification (desirable). Strong client-facing communication and stakeholder engagement skills. CISM certification and experience with risk management practices. Proficiency in managing security compliance programmes and driving improvement initiatives. Experience chairing client workshops and desktop exercises, ISO meetings, or team calls. · A good understanding of computer networks, operating systems, software, hardware and security. · An understanding of cyber security risks associated with various technologies and ways to manage them. · A good working knowledge of various security technologies such as network and application firewalls, host intrusion prevention and antivirus. · Any relevant academic or industry specific training. Must be able to attend a weekly 1-hour client meeting every Thursday at 5 pm UK time. Must be able to commit to 10 hours of flexible part-time work per week. Set yourself apart: · Understanding of basic cybersecurity principles and concepts · Knowledge of common attack vectors and malware types. · Awareness of security tools and technologies. · Basic understanding of incident response principles. · Networking fundamentals. · Analytical and problem-solving skills. Educational Qualification: Bachelor’s or above degree in a related field or equivalent full-time course CISSP or a combination of the following: CompTIA A+ CompTIA Network+ CompTIA Security+ CySA+ Pentest+ CASP+ Industry Type: IT Services & Consulting Functional Area: Information Security and Cybersecurity Employment Type: Part-Time, Contract Languages: English Location: Remote Salary: 35.000 (thirty-five thousand) INR per month for 40 hours of work per month (10 hours of work per week). Payment will be made based on “outside IR35”, meaning that the successful candidate is expected to take care of any tax payments independently after having received the payment from the company. Show more Show less