Cyber Security Analyst L2/L3

Job Introduction

As a Cyber Security Analyst you will ensure that the business is protected against cyber security threats and that data is always kept secure. This will mean proactive planning, rapid responses to all security threats and incidents and serving as an escalation point for the other members of the team. You will work collaboratively with the business and wider IT team to provide governance and security for existing and new services. You will carry out cyber security operations including threat monitoring and incident prevention/response, as well as supporting the implementation of new cyber security technologies.

It is an exciting time to join the business as part of the IT & Cyber Security activity transformation programme. You can expect a positive and inclusive working environment, training and development opportunities, and excellent holidays and benefits. In addition, we will provide an environment that supports a healthy work life balance.

Role Responsibility

• Take full ownership of incidents escalated by Analyst level 1 or the SOC and control quality of actions performed
• Investigate and analyse cybersecurity incidents and follow up action plans
• Assist the modelling of new attack scenarios
• Coordinate regional cyber response activities with IT and business stakeholders, and contribute to global cyber response activities as needed
• Build response instructions and execute level 2 containment measures, document processing of incident within the incident orchestration solution (SOAR)
• Monitor APT (threat detection, reporting, contextualisation)

A full list of responsibilities can be found in the attached job description

The Ideal Candidate

• Experience of dealing with stressful contexts and situations when facing cyber crisis
• Experience of working and partnering with other technology teams to resolve cyber security incidents
• Experience of communicating effectively technical information to a technical audience without expertise
• Experience of communicating effectively technical information and articulate risks to non-technical audience and senior management in crisis situations
• Experience of persuading technical individuals and teams who share different objectives and priorities to deliver the security activities expected from them
• Experience of performing threat hunting and digital forensic on computers, servers or network assets
• Experience of developing scripts (Python, REGEX, Powershell, Shell, etc.) quickly in reaction to incidents or for proof of concepts
• Demonstrated experience of strong knowledge in information security principles (security principles applied to architecture, network & systems, cyber forensic, security risk assessment, software development)
• Actionable knowledge of MITRE ATT&CK framework
• Knowledge of NIST framework and OWASP
• Solid understanding of exploitable vulnerabilities and remediation techniques

Desirable

• Experience of penetration testing  
• Experience in automating manual processes for responding to cyber security incidents  
• Experience of Threat Intelligence and CERT/CSIRT activities  

Package Description

Salary - £35,000 - £50,000 plus 10% bonus and flexible benefit fund

As part of our commitment to improving the quality of life for our employees, Sodexo offers a Flexible Benefits Scheme, allowing you to tailor a reward package to suit your needs but includes a technology scheme, private dental insurance, travel insurance, gym membership, Gourmet card, private medical insurance, free will writing, life assurance, 24hrs GP access and the ability to purchase or sell annual leave.

We also have a Sodexo Discount scheme, which offers employees and their friends and family the opportunity to benefit from over 1,200 discounts from top retailers both online and in-store.

About the Company

In the UK and Ireland, Sodexo employs around 30,000 people, and partners with clients in many sectors across business and industry; schools and universities; sports and leisure; energy and resources; government and agencies; healthcare; justice and defence.

Sodexo’s connected; people-centric approach brings together a diverse range of expertise. The breadth of services it offers ranges from food and hospitality; cleaning; reception; concierge (Circles); security; property management and technical services through to data driven workplace strategy and design (Wx); employee engagement and recognition services (Sodexo Engage) and personal home services through Prestige Nursing + Care and the Good Care Group.

Vital Spaces is Sodexo’s value proposition that puts people at the heart of everything we do, bringing together services and solutions and focusing on the productivity and wellbeing of people wherever they are.

Sodexo is committed to being an inclusive employer; we welcome and encourage applications from people with a diverse variety of experiences, backgrounds and identities.

We’re a Disability Confident Leader employer. We’re committed to changing attitudes towards disability, and making sure disabled people have the chance to fulfil their aspirations.

We are building on our support to the Armed Forces community through the development of specific pathways within our recruitment process to  support ex-forces personnel and reservists, those applying for jobs with us who meet the ideal candidate criteria for the role advertised are guaranteed to progress to the selection process