Cyber Security Analyst (Contract Inside IR35)

We are looking for Cyber Security Analysts to join our team and protect our organisation from cyberattacks. As a Cyber Security Analyst, you will monitor, analyse, and respond to security incidents and events, as well as implement and maintain security measures and software. You will also conduct threat research, risk assessments and work to continuously improve our security systems.

The role is an excellent opportunity to work with a highly skilled and passionate team, leading technologies, best practice frameworks and partners. In this role you will be responsible for actively protecting critical data, the perimeter, networks, applications and business operations.

Assist with expanding security monitoring across the entire infrastructure spectrum and critical applications covering tool deployment, operational runbooks, effective detection, reporting and metrics.

About You

This role is perfect for someone who is passionate about Cyber Security, resilience, and protecting customer data.

To be successful in this role, you should have at least 2 years of experience in Cyber Security.

You should also have a strong knowledge of the cyber security threatscape and the latest security trends and tools. You should be able to work independently and collaboratively with other security professionals, as well as communicate effectively with stakeholders across the organisation.

An excellent understanding of cloud based SIEM tooling. Including implementation, configuration, data source onboarding, use case creation and general SIEM engineering.

The ideal candidate has a thirst for knowledge, attention to detail and a determination to deliver quality results.

You should have a general understanding of firewalls, proxies, SIEM, antivirus, EDR, XDR and IDPS concepts.

Experience of security monitoring, alerting, use case development, detecting and responding to cyber threats and incidents. Data source

You should have good incident response skills, and the ability to follow predefined playbooks.

• Critical Thinking - Able to evaluate multiple factors to investigate security incidents
• Attention to Detail – The ability to spot subtle signs of suspicious behaviour
• Curiosity & Continuous Learning - Stay updated with the latest attack vectors, exploits, and mitigation techniques.
• Critical Thinking - Able to evaluate multiple factors to investigate security incidents.
• Curiosity & Continuous Learning - Stay updated with the latest attack vectors, exploits, and mitigation techniques.
• Integrity & Trustworthiness - Handle sensitive data with discretion and adhere to ethical guidelines.
• Resilience - Stay composed during high-stress situations like a breach response.
• Adaptability - React swiftly to evolving threats and changing situations.
• Clear Communication - Convey risks and technical information to both technical and non-technical audiences.
• Report Writing - Create clear, actionable, and comprehensive incident or assessment reports when required.
• Certifications or degree in Cyber / Information Security or Computer Science are of advantage but not essential
• Certifications such as CySA+, Security+, Network+, AWS Cloud Practitioner, AWS Security are advantageous
• Good understanding of network technologies, application security and security principles
• Knowledge of common cyber security frameworks and standards, such as NIST, ISO, CIS, and SOC 2

Minimum criteria

You’ll need all of these.

• Experience in a similar Cyber Security role

Who you’ll be working with

This role sits within Security Operations in the Information Security Team. This team has overall responsibility for the information security of technology at MO, working collaboratively to meet the needs of the customer and strategic business objectives.

The team are professional, experienced security experts, who use their expertise, communication skills and pragmatic approach to ensure the security of the organisation’s data and systems whilst facilitating rapid delivery and innovation. They place importance on acting in a collaborative manner with the business, product teams and technology experts to deliver solutions aligned to the organisation’s security strategy and approach.