Information Technology Security Analyst

Job Function:
IT
Location:
Manchester
Job Type:
Permanent

Business overview and role at boohoo

Our vision is to lead the fashion e-commerce market globally, in a way that delivers for our customers, people, suppliers and stakeholders. Our brands operate along the same principles today as when boohoo was founded in 2006: through a test and repeat model that brings the latest trends and fashion inspiration in a matter of weeks to our customers across the world.

We have developed a unique platform, through years of investment in technology and processes, supply chain relationships and with the know-how of a great team of people. This platform enables us to penetrate markets and expand rapidly, operating multiple brands as we progress with our ambition to lead the online fashion market.

With the growth of the business, boohoo has invested in developing and enhancing its IT security function. This has led to the creation of a security analyst role within the IT department, dealing with every aspect of security monitoring and testing across all business areas.

This is a very exciting opportunity to work for a very progressive company alongside a close-knit family of colleagues in a fantastic environment.

We are in the early stages of creating our security operations centre, and work with a world-leading managed security services provider (MSSP) partner.

Responsibilities

  • Day-to-day monitoring and administration of security controls around tooling solutions and cloud-based systems such as Office 365, AWS and Azure.
  • Day-to-day monitoring of SIEM, brand protection, vulnerability scanning, threat detection and intelligence, working in conjunction with the partnered MSSP.
  • Monitor the boohoo security services to ensure that patching, security controls and mechanisms are operating effectively; investigate issues and escalate to providers where appropriate.
  • Assist in developing, maturing and managing the existing operational processes, creating run books and automating them where possible.
  • Assist in delivering security reviews and management metrics to ensure integrity, confidentiality and availability.
  • Propose improvements within the scope of Security Operations that will lead to automation, standardisation and consolidation for ease of support and maintenance.
  • Create working relationships with business owners to deliver and enhance the service.
  • Take ownership in obtaining the information, evidence and data required to diagnose and resolve complex problems.
  • Proactively analyse trends and reports to highlight potential problems, and maintain and enhance the service.
  • Be a flexible member of the security operations team, providing knowledge, assistance and advice to other members.
  • Maintain awareness of technical and service developments, taking the initiative to extend own knowledge of products, technologies and techniques in order to deliver an enhanced service.
  • Monitor events and alerts from multiple technologies to detect potential malicious activity.
  • Carry out analysis and triage of cyber security events.
  • Take ownership in identifying and assessing the appropriate outcome and response to an event.
  • Communicate and collaborate clearly and concisely when responding to events through to remediation.
  • Identify, escalate and debate all risks to the business by analysing events, metrics and escalation data; identify patterns and trends in high-risk controls and proactively suggest, develop and implement enhancements to reduce risk.


Essential Skills and Competencies

  • Minimum of 2 years working in a SOC function
  • Strong knowledge of common operating systems (Windows, Linux, etc.) and endpoint security principles
  • Previous experience in cyber security, incident response or a related field
  • Prior experience detecting and analysing security events and/or responding to security incidents
  • Demonstrated ability to analyse and correlate information from a variety of enterprise technologies
  • Hands-on experience with common security technologies (IDS, firewall, SIEM, etc.)
  • Strong knowledge of common security analysis tools and techniques
  • Understanding of common security threats, attack vectors, vulnerabilities and exploits
  • Strong knowledge of common networking services and protocols (TCP/IP, SSH, FTP, DNS, DHCP, SMTP, SSL, etc.)
  • Malware analysis (analysis of documents and malicious binaries; understanding and interpreting sandbox output)
  • Containment of attacks on services, i.e. lateral movement, privilege escalation and APT activity
  • Network-based attacks and incidents (DDoS, IDS alerts)
  • Containment (understanding of containment of security incidents at both the network and host layer)
  • Good verbal and written communication skills
  • Good analytical and problem-solving skills
  • Experience using vulnerability assessment tools such as Nessus and Qualys
  • Good understanding of IT security principles
  • Creation of use cases and knowledge of the MITRE ATT&CK framework


Desirable Skills, Competencies and Qualifications

  • Digital forensics (basic understanding of key concepts)
  • Experience of common information security management frameworks and standards, such as ISO27K, ITIL, COBIT, PCI-DSS and National Institute of Standards and Technology (NIST)
  • Exposure to standards and policies relating to ISO27001/2 controls
  • Ability to read and understand architectural designs and implement security controls
  • Experience with security design testing in accordance with the OWASP security testing methodology
  • Experience with threat identification and remediation, including penetration testing
  • Familiarity with relevant legislation, including the DPA and GDPR
  • Exposure to risk assessments of products and services
  • Exposure to risk treatment plans and the management of risk models
  • Exposure to audits from external sources, e.g. PCI-DSS
  • Exposure to layered security practices for cloud technologies, covering network, host, application, data and access security for IaaS, PaaS and SaaS services in a hybrid deployment environment
  • Working towards, or having obtained, a GIAC or CEH qualification