Here at Harvey Nash, we are looking for a Monitoring and Compliance Analyst to work as part of a Network and Security team. For this role, you will be required to ensure that security and monitoring platforms are operating correctly, whilst producing reports as required and identifying automation opportunities to enable other teams in accessing this information.
* Responsible for upkeep, road mapping and standard setting within all monitoring and reporting systems within the Technology Services portfolio.
* Will be responsible for the daily monitoring and review of security incidents.
* Be proactive in approach and keep abreast of emerging threats. Gather information about threat landscape and breach exposure from existing or suggested tools to provide the assurance of security status on the network.
* Ownership of the Monitoring and Reporting platforms for Network and Security.
* Responsible for auditing requirements in relation to IT Security - reports, checks, evidence with both internal and external auditing functions.
* Provide threat intelligence which is actionable and reportable.
* Work closely with third parties to ensure the effectiveness of the tools in place.
* Develop metrics and dashboards to demonstrate security coverage and highlight risks and issues in real time.
* Be integral to the scheduled security testing to be carried out by the technology services teams, including PEN testing and vulnerability testing.
* 24 x 7 pro-active monitoring for security and alert incidents, responding where necessary and offering guidance to other technology teams.
* Incident reporting, analysis and classification.
* Live and on-going analysis of security rules in place and reports being produced.
* Working closely with other teams in the organisation identify cross requirements (InfoSec, Compliance).
* Review of all systems including SPLUNK, Nexpose and SolarWinds.
* Understand and interpret SIEM alerts and logs.
* Production of reports for audit, security and data centre status.
Technical Competencies, Skills and Experience:
* Experience using Security Information and Event Management tools like SPLUNK.
* Good understanding of monitoring tools such as SolarWinds.
* Good understand of Linux and Windows operating systems.
* Good understand of Network, Data Centre and WebApp security.
* Vulnerability management tools such as Nexpose.
* Capable of managing multiple workloads.
* Ability to work independently.
* Writing and delivering reports as identified.
* Excellent communication and collaboration skills.
If you're interested in finding out more about this opportunity, please don't hesitate to email me at email@example.com