Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: InfoSec Jobs - IT Security Incident Analyst London, UK GCIH, GCFA, GCFE, GCIA, GPEN, GFNA, GCTI, GCDA, GSEC InfoSec Jobs


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

This listing has expired and therefore is not publicly viewable.

IT Security Incident Analyst
Company GfK
Location London, UK
Preferred GIAC Certifications GCIH, GCFA, GCFE, GCIA, GPEN, GFNA, GCTI, GCDA, GSEC
Travel 15%
Salary £60-75k p/a
URL Not provided
Contact Name Adam Nicholson
Contact Email adam.nicholson/at/gfk.com
Expires 2018-07-30

Job Description

About GfK
We are Germany's largest market research institute, and the fourth largest market research organization in the world. Our vision is to be the indispensable, trusted data and analytics partner for the durable goods and technology industries and respective retailers. Everything we do starts with our clients. We collaborate across boundaries with a can-do attitude and lean mentality. We focus on what matters most so that we deliver real value. Innovation is in our DNA. We bring new products to market quickly and focus on continuous improvement. We dare to take educated risks, learn quickly from failure and push on toward excellence.
Many say they have big data problems, we do have big data and also big problems to solve. We apply modern technology and proven practices to solve problems around big data storage, big data processing, machine learning and complex data visualisation.
Help lead the digital transformation of GfK and be an impactful participant in shaping the future of market research and data insight.

Purpose of the Role
Reporting to the Security Technology Team Manager, the IT Security Incident Analyst is primarliy responsible for intrusion detection and prevention security controls as welll as the management and oversight of incidents for EMEA passed on from our off-shore security operations centre (SOC).
The IT Security Incident Analyst recognises when an system has been attacked internally, by a remote host, via malicious code, such as virus, worm or Trojan etc or when a breach of security has occurred and then takes immediate action to limit damage, escalates to next level and records the incident & action taken. The IT Security Incident Analyst demonstrates effective communication of security issues to tech managers and other senior stakeholders. As well as performing basic risk assessments for information systems and vendors.
The IT Security Incident Analyst also plays an important role within the senior Security Tech Team and actively contributes to the development of security polices, standards and guidelines that mitigate overall risks, strengthen IT security defenses and reduce vulnerabilities of the IT systems. The IT Security Incident Analyst will be involved in communicating technology security standards and promoting awareness to cyber colleagues in the organization as well as supporting forensic investigations, analyzing security intelligence, organizing security testing and measuring IT security maturity and compliance with IT security standards and guidelines.

Key Activities
• Serve as the lead incident handler to respond to security incidents
• Facilitate the handover of security incidents from the SOC in Malaysia so that they can be progressed during the EMEA business hours
• Significantly improve all incident response processes
• Track and remediate agreed actions from incidents
• Provide security incident awareness training to tech staff
• Threat hunting
• Run table top exercises
• Provide executive communication
• Collaborate with peers in other areas of the company to continually improve upon security throughout the organisation
• Participate in the secure architecture and engineering processes
• Support IT system owners, Application owners, IT administrators, Regional Security Coordinators and Local Security Coordinators in the investigation and remediation of IT security incidents or other policy violations
• Provide security technology implementation advice to IT Colleagues, Region Security Coordinators, Legal & Compliance, Global HR, Central Services, etc.
• Monitor the external threat environment for emerging threats, and advise head of security of risk and recommended courses of action.
• Assist in the organization of technical security awareness trainings for software developers
• Assist in the gathering and reporting of IT security metrics to measure the efficiency and effectiveness of the IT security controls.

Experience & skills required
• Competent knowledge of security technologies and concepts.
• Extensive experience in security incident identification and resolution
• Strong knowledge of all areas of Information & Cyber Security
• Good understanding of IT security best practice, common attack types and detection/prevention methods, including CISecurity Benchmarks, OWASP and NIST
• Demonstrated ability to analyse and solve problems.
• Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate security and risk-related concepts to technical and non-technical audiences.
• Poise and ability to act calmly and competently in high-pressure, high-stress situations.
• Must be a critical thinker, with strong problem-solving skills.
• Exhibit excellent analytical skills, the ability to manage multiple projects under strict timelines, as well as the ability to work well in a demanding, dynamic environment and meet overall objectives.
• Project management skills: scheduling and resource management.
• Ability to work cross-functional, interdisciplinary teams to achieve tactical and strategic goals.
• Understands “voice of the customer” and develops mechanisms to proactively sense adoption and usage patterns of consumer technologies by end users so that policy can align with need
• High level of personal integrity, as well as the ability to professionally handle confidential matters, and show an appropriate level of judgment and maturity.
• One or more relevant information security qualifications from a recognised body, such as GCIH, GCFA, GCFE, GCIA, GPEN, GFNA, GCTI, GCDA, GSEC

The GfK culture
Having choices is what makes life exciting. Make your choice today and take your future into your own hands. We value skills and talent and will support your development within our international teams.
GfK makes your choice easy as we offer an exciting work environment that brings people together and encourages an entrepreneurial and innovative spirit. As a trusted leader in market research present in over 100 countries, we know what makes consumers’ hearts beat and how to help our clients grow—globally and locally.
Our culture is diverse and highly collaborative. Our data scientists, creatives, software engineers and product owners all collaborate across different disciplines to develop cutting edge, fully integrated solutions.
• We embrace working in the team: we build on trust, collaboration and open feedback
• We foster diversity: this is more than a mix of gender, culture, ethnicity and languages for us. It is the inclusion of different thinking, experiences, expertise and backgrounds across all businesses and organizational levels
• We believe in a healthy work-life balance: we offer flexible & remote working, agile environments & hot desking, break out spaces, socials, activities, table tennis and amazing views!
• We are committed to providing you with opportunities to develop both professionally and personally through local, regional and global programs - we help our colleagues grow and runway their careers