Security Analyst - Infrastructure Torres Vedras

Join to apply for the Security Analyst - Infrastructure role at GLORY

1 week ago Be among the first 25 applicants

Get AI-powered advice on this job and more exclusive features.

Overview

In this position, you'll use your knowledge and experience to ensure that the implementation, management and support, of the security applications and tools are to an acceptable level and providing sufficient protection to GGS against external and internal threats. Day to day you will provide dedicated ownership and support for internal and external security applications and tools. Using the applications and tools then you will lead security incident and event management, vulnerability management, XDR, and device management. Working in conjunction with Information Security and the wider IT Operations team, you will enforce policy through the management and support of technical controls and will be able to demonstrate effectiveness of controls and compliance with internal polices, contractual commitments and compliance to our security certifications.

Department: IS - Service Delivery

Location: Portugal/Torres Vedras

Key Responsibilities

• Liaising with our external Managed Security Operating Centre to respond to escalations
• Management of internal security applications, including Microsoft Defender, Microsoft Sentinel, Microsoft Intune, Rapid7, Spycloud, EASM and other tools as required
• Working with customers to remove identified vulnerabilities from external tools such as Bit
  Sight and Security Scorecard
• Using internal vulnerability management tools to highlight vulnerabilities within internal systems and infrastructure.
• Working with our security partner to coordinate and perform external vulnerability management.
• Working with system and business owners to resolve vulnerabilities in line with GGS Policy.
• Producing monthly reports to demonstrate effectiveness of tools, identification and resolution of vulnerabilities.
• Work with Infrastructure team to ensure timely patching of network devices and systems and define infrastructure best practices.
• Monitoring of the Dark Web using partner tools to identify and respond to threats.
• Regular review of technical and cloud infrastructure controls, such as firewalls, IDS/IPS systems, syslog systems, security groups and Access Brokers.
• Develop and maintain secure configuration baselines and standards for infrastructure devices.
• Documenting and creating security processes to enhance security incident response and standards.
• Identifying capabilities of existing and new tools to increase security resilience across internal and external infrastructure.
• Working closely with IT Operations and Infrastructure to harden network infrastructure components (e. g. , routers, switches, VPN gateways) in line with CIS benchmarks and ISO27001 standards
• Liaison for penetration testing between system owners and GGS security partners

Education, Skills & Qualifications

• A technical degree or professional qualification
• Formal security qualifications such as CISSP or CEH would be of interest

Required Skills & Competencies

• Knowledge of Microsoft security applications, including Defender, Sentinel and In
  Tune
• In depth Knowledge of Infrastructure security protocols and standards.
• Ability to identify and monitor vulnerabilities using tools such as Rapid 7, EASM etc.
• Experience working with corporate Information Technology platforms and systems
• Advanced understanding of security practices for Linux, Windows server operating systems
• Experience with public cloud security best practices (GCP, Azure, etc. )
• Ability to communicate security requirements to the wider IT teams
• Able to produce clear and comprehensive requirements documentation
• Strong written and verbal communication skills
• Commitment to excellence and high standards; strong organizational skills; able to manage time, priorities and workload
• Ability to work autonomously
• Comfortable to challenge seniority and existing processes.
• Knowledge of ISO27001 standard would be advantageous

Seniorities and Employment

• Seniority level: Mid-Senior level
• Employment type: Full-time
• Job function: Information Technology
• Industries: IT Services and IT Consulting

Get notified about new Security Analyst jobs in Torres Vedras, Lisbon, Portugal.