Cyber Security Analyst

BMI Group

Salary Not Specified

BMI Group, Reading

  • Full time
  • Permanent
  • Onsite working

Posted 3 weeks ago, 23 May

Closing date: not specified

Job Ref: 45fcab61952540d782dc64741f262984

Full Job Description

BMI have a fantastic new opportunity for a Cyber Security Analyst to join the Global Cyber Security Team responsible for monitoring and securing people, processes, and technology throughout the U.S., APAC and EMEA regions.

Reporting to the Cybersecurity Operations Manager, this role is based in Reading and offers hybrid working.

Role purpose:

This role provides subject matter expertise in operational support for the day-to-day activities of the Global Security Operations Services for Standard Industries. The Cyber Security Analyst is responsible for the effective triage and escalation of all incidents to the Management Team where required.

The ideal candidate will work closely with managed service suppliers, covering Managed Detection & Response (MDR), Managed Security Service Provider (MSSP), and Incident Response (IR), following processes within the overall IT Operating Model.

In addition to supporting the security needs of the Global Cyber Security team, the ideal candidate must have a desire to work effectively with colleagues across other Cyber Security teams (GRC, application security, architecture, vulnerability management, Red team) and other IT teams, service management, operating companies, suppliers, and service providers.

As a Cyber Security Analyst, your key responsibilities will likely be:

  • Ensure the efficient and effective operation of security infrastructure and delivery of security services within our on-prem, operational technology (OT) and native cloud infrastructure such as Azure and GCP

  • Monitor for and triage security events raised by our MSSP/MDR or internally, including phishing

  • Review operation logs and event console activity to determine cause of security-related events or to identify potential security-related events

  • Contribute to the development of new monitoring and detection capabilities in the SIEM, network and endpoint security platforms aligned to the MITRE ATT&CK and Cyber Kill Chain frameworks

  • Leverage knowledge of known adversarial tactics and techniques to ensure our security tools are properly configured to monitor, detect, and alert on nefarious security behaviours, and provide recommendations or changes to configurations, tooling or processes accordingly

  • Participate in the development and maintenance of processes, playbooks, and runbooks

  • Participate in the development and refinement of event detection, incident response and forensics technical capability and procedures.


  • Utilise threat intelligence and vulnerability analysis/data to define actionable rule tuning, liaising with our MSSP and EDR services

  • You will be expected to be on-call or work outside office hours in the event of a major incident or significant security events

  • The ability to interact comfortably with personnel across multiple organizations, build strong relationships with IT peers and understand business imperatives

  • Experience of cyber-security technical analysis gained in an in-house security operations team or within an MSSP delivery

  • Knowledge in the analysis of raw logging data such as Sysmon

  • Development and maintenance of custom security alerting within SIEM and EDR tooling aligned to the MITRE ATT&CK and Cyber Kill Chain frameworks

  • Knowledge of current cyber-security issues, threat management, security operations and SIEM

  • Excellent problem-solving ability

  • Strong communication skills

  • Excellent analytical skills and ability to analyse security requirements

  • Experience in a cybersecurity threat hunting, Security Operations Centre / Managed Detection and Response (MDR/SOC) or in-house Security Operations based function (Blue Team)

  • Any industry-recognized Information Security accreditation (SANS GSOC, CISSP, CSOP preferred)


  • Knowledge of MITRE ATT&CK and Cyber Kill Chain frameworks and how to translate tactics, techniques and procedures (TTPs) of attackers into enhancing current and future security tooling

  • Knowledge of working with Endpoint Detection and Response (EDR) tools such as SentinelOne, CrowdStrike, Carbon Black or Sophos

  • Experience and knowledge surrounding the investigation of security incidents, using EDR and SIEM based technologies including the reporting of investigations to Management or shift leads.

  • Knowledge and understanding of information risk concepts aligned with the CIS Top 18, and how to implement technical controls to monitor and address these risks

BMI Group - Europe's roofing and waterproofing expert - was formed in 2017 in order to better serve customers expecting roofing and waterproofing expertise from one partner. BMI brings together some of the industry's most trusted brands and is Europe's largest manufacturer in the combined pitched and flat roofing market, with a significant presence in parts of Asia and Africa. BMI Group's industrial heritage dates back to 1740 and offers over 200 years of experience and innovation to its clients.

As a Standard Industries company, BMI Group, headquartered in the UK, has the support, reach and resources of a global enterprise. With 116 production facilities across Europe, Africa and Asia, and almost 10,000 employees worldwide, the business is well positioned to provide an unparalleled level of service to homeowners, architects, specifiers, contractors, installers, property owners and developers. Find out more at www.bmigroup.com.

A career with BMI Group is more than just a job. We help you to find work you enjoy, to use your skills, and support you to become the best you can be.

Working together we can achieve great things. Come and join us.

We offer a range of benefits that include a competitive base salary, substantial bonus (depending on the role), 25 days annual leave plus BH, private medical insurance (including family), and dental & optical discounts. Pension 3% employee and 6% employer contributions, income protection and life insurance, EAP program plus a host of other benefits such as cycle to work scheme, gym discounts and season ticket loans.