Security Analyst

About the Role

We are seeking a skilled Security Analyst to join our team. The ideal candidate will be responsible for protecting the organization’s information systems and data by monitoring, analysing, and responding to security incidents. They will work closely with IT teams to ensure compliance with security policies and procedures, while continuously assessing and improving our security posture

Key Accountabilities

Monitor and Maintain Security Platforms:

• Monitor security alerts and logs from various sources, including end point protection, secure web and email gateways, firewalls, IPS, 24/7 SOC and SIEM platform
• Collaborate with technical SMEs and 3rd party SOC to develop, tune and optimise security tooling to ensure effective discovery of suspicious activity
• Analyse Vulnerability Scans, working with technical SMEs to prioritise and remediate issues

Security Investigation and Incident Response:

• Perform real-time analysis of security events and incidents to determine severity and scope, identifying potential threats, vulnerabilities, and suspicious activities
• Perform incident response as a key member of the CSIRT
• Maintain and update security incident response documentation, including playbooks, SOPs, and KB articles
• Provide detailed and summary investigation reports

Security Audits:

• Conduct internal security audits and reviews ensuring controls are operating effectively
• Collaborate with IT teams to ensure appropriate security measures are in place

Develop Controls

• Assist with security review of designs, ensuring security best practice is incorporated into business solutions (internal hosted systems and cloud services)
• Develop security controls, documenting and presenting recommendations to improve the security of the estate

About you

Previous experiences / core competencies key to this role:

• Good experience of security operations, including managing security incidents and investigations end to end
• Working knowledge of information security control standards and frameworks e.g. ISO 27001, NIST, CIS, Cyber Essentials
• Understanding of the UK General Data Protection Regulation (GDPR)
• Demonstrate experience of continuous improvement, interacting with Security and Business stakeholders to develop and deliver an enhanced security posture
• high level of technical skills including:
• MS Entra ID, Office 365 and MS Defender
• Good experience of cloud security - AWS and Azure
• Network security skills
• Use of vulnerability scanning technologies and SIEM platforms
• Ideally holds a current security qualification, such as CISSP, CEH etc.
• Maintain up to date knowledge of modern threats and security trends

What we can offer you

Not only do we offer free onsite parking and competitive salary but you’ll also have access to:

• Company funded Health Cash Plan – providing cash back for everyday healthcare costs such as dental, optical and physiotherapy
• 5% match pension
• 25 days holiday plus holiday buy scheme
• 24/7 E-Learning modules, Training and Development opportunities
• Sharesave Scheme, Cycle to work schemes, Health cash plan
• Colleague Assistance Programme & Colleague referral scheme

About us

Smiths News is the UK’s largest news wholesaler. Our colleagues serve 23,000 retailers every day of the year, operating from 33 distribution centres.

Inclusion and diversity are important to us. We are working together to build and shape a culture that embraces people from all backgrounds, experiences, and orientations. Smiths News is dedicated to creating an authentic workplace where everyone can thrive