Senior Security Analyst (FinTech), Cyprus - Limassol

Tech
Ref: 235 Date Posted: Thursday 16 Jun 2022

Our client is hiring an experienced Senior Security Analyst for an exciting new security division to support security operations for their Group.  The Security Operations Centre (SOC) team is one of the Information Technology pillars throughout the group and works alongside the corresponding IT pillars (Network Operations Centre (NOC) and Operational IT).

The SOC team’s primary objective is to ensure the overall effectiveness of cybersecurity across the group globally and respond to and remediate potential threats to the technology environment. The successful candidate will monitor key vulnerability and security information event management technology, participate in projects to deploy new security solutions across the group and act as a point of technical escalation within the security operations team.

The ideal candidate will be passionate about information security and will keep pace with current and emerging vulnerabilities and threats, whilst developing a solid understanding of key business and technology processes. Previous experience within a security operations role is essential, along with a strong technical background. In addition to being a self-starter, you will be able to solve problems independently and develop ideas into solutions.

In this role you will perform key security services activities including identification of assets, scanning for infrastructure and application vulnerabilities, security penetration testing, and security monitoring. In addition, you will perform investigations and perform analysis of events in order to thwart internal and external threats to the environment. You will collaborate on an ongoing basis to support detection, triage, incident analysis, containment, remediation and reporting of vulnerabilities, events, and escalated incidents while coordinating business priorities, emerging and actual threats and best practices to ensure confidentiality, integrity and availability of the information assets.

Responsibilities:

  • Identify and remediate infrastructure and application vulnerabilities identified in continuous scanning and regular penetration testing exercises and assist with risk prioritization.
  • Analyze and respond to security threats from Firewall (FW), Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Antivirus (AV), Endpoint Detection and Response (EDR), Network Detection and Response (NDR), Email Security, Cloud Security, and other security threat data sources.
  • Respond in a timely manner (within documented SLA) with thorough and concise analysis and recommended actions.
  • Assist in establishing a mature and optimized Security Operations Center discipline to support managed security services focused on vulnerability and security information event management engagements.
  • Document actions in cases to effectively communicate information to internal and external stakeholders as well as for historical retrieval.
  • Adhere to Group policies, procedures, and security practices.
  • Resolve problems independently and understand escalation procedures.
  • Conduct scanning and monitoring activities to provide in-depth visibility into potential known and unknown vulnerabilities and threats that may pose risk to the Group environments.
  • Participate in security incidents and act as the technical Subject Matter Expert during significant security incidents.
  • Utilize analytics to identify potential vulnerabilities and threats to the environment.
  • Detect, respond, mitigate, and report on cyber threats/incidents that may impact the environment.
  • Collaborate with NOC, ITOC teams on matters related to security scanning and monitoring across a global footprint.
  • Conduct operations surrounding cyber security incident response technologies including network logging and forensics, security information and event management tools, security analytics platforms, log search technologies, and host-based forensics as applicable.
  • Act as an internal information security consultant to the business and technology units, advising on risks, threats and control practices related to SOC - Assurance and Response.
  • Assist in development and knowledge sharing within the team.
  • Assist in security console tuning.
  • Perform threat hunts that target known vulnerabilities, threats and other attack vectors.

Skills & Competencies: 

  • Critical thinking and the ability to solve real-world problems
  • Ability to work both independently and as part of a team
  • Strong interpersonal and organization skills
  • Solid commercial awareness and ability to understand business requirements
  • Excellent communication skills both written and verbal
  • Strong mentorship skills when working with junior team members
  • Passion for information security, learning and professional development

Educational / Experience Requirements:

Essential

  • Demonstrable experience within a security operations environment
  • Industry-relevant bachelor's degree or equivalent experience or technical certifications
  • Knowledge of SIEM solutions, EDR technologies, Network & Host-based security products
  • Experience using vulnerability management products such as Qualys or Rapid7
  • Experience with Linux, Windows, iOS, and Network Operating Systems.
  • Experience with cloud technologies such as Microsoft Azure and Amazon AWS
  • Previous experience working on projects delivering key business objectives

Desirable

  • Experience with incident response and co-ordinating remediation activity
  • Static and dynamic malware analysis skills and knowledge of common types of malware
  • Experience with Python, PowerShell, Bash scripting to perform automation and integration tasks
  • Security Certifications: GIAC, OSCP, CCSK, Azure, AWS, ISC2, CompTIA, ISACA, EC-Council
  • Previous experience in financial services technology

Group Values:

  • Innovation - embraces innovative technological solutions to stay ahead of its peers, gain market share, and to create shareholder value.
  • Collaborative Culture - is proud of its collaborative culture and unifies its resources to expand the boundaries of possibilities and ideas with the goal of achieving excellence.
  • Ethics - focuses on leading the industry by applying strong ethical and transparent business practices which will be reflected in the way we interact with our clients, thereby building trust and loyalty.
  • Freedom of Expressions - provides a supportive environment that promotes the freedom of ideas and the opportunity to innovate and contribute to innovative ways of doing things.

To apply for the Senior Security Analyst job opportunity in Limassol, Cyprus, please email your CV to Georgia Michaelides, georgia.michaelides@emeraldzebra.cy